Summary:
Hackers responsible for a December 2024 ransomware attack on RIBridges, Rhode Island’s health and benefits system, have released stolen files on the dark web. According to a statement from Governor Dan McKee’s office, the state had anticipated this action after refusing to meet the attackers' ransom demands.

The RIBridges system supports numerous state benefits programs, including Medicaid, SNAP, TANF, and childcare assistance programs, serving over 300,000 residents annually. These programs account for 40% of the state’s budget, totaling approximately $3.1 billion.

Details of the Attack:
The attack was confirmed as ransomware on December 10, 2024, after an initial alert from Deloitte, Rhode Island's IT vendor, on December 5. The leaked files' scope and contents are still under analysis by the state’s IT teams. Potentially impacted individuals include beneficiaries of various health and social support programs.

The Rhode Island Department of Administration launched a statewide outreach campaign to help residents protect their personal information. Recommendations include:

• Implementing multifactor authentication.
• Signing up for credit monitoring and fraud alerts.

The state continues to work with Deloitte to analyze the leaked files and identify affected individuals.

Implications:
The attack highlights the risks posed to critical government systems, particularly those supporting vulnerable populations. The breach affects a significant portion of the state’s population, including adults, children, senior citizens, individuals with disabilities, and veterans.

Link(s):
https://statescoop.com/rhode-island-benefits-system-cyberattack-files-dark-web/