McKee says state and it's contractor will fix this. Also, he has a bridge to sell you
By Rhode Island Current staff, Rhode Island Current
The number of people whose personal information was potentially compromised by the data breach of the RIBridges system is significant.
“It’s in the hundreds thousands,” Gov. Dan McKee said at an emergency news conference Friday night at the Department of Administration attended by several cabinet members.
State officials said they learned of the possibility that the system was the target of a potential cyberattack on Dec. 5 from its vendor Deloitte. At that time, the FBI and the Rhode Island State Police were notified.
The system was taken offline Friday afternoon after Deloitte confirmed a major security threat had occurred. Networks are typically taken offline to prevent further intrusion on systems.
Hackers could have obtained names, addresses, dates of birth, Social Security numbers and banking information could have been stolen, state officials acknowledged.
“I understand this is alarming,” McKee said. “Please know that Deloitte and the state are working with law enforcement, as well as IT experts to minimize the impact on Rhode Islanders.”
Chief Digital Officer Brian Tardiff confirmed that hackers installed malware and demanded a ransom but declined to say how much. He also declined to characterize the attack as ransomware, which is what happened to the Providence Public School District in September.
“This is more of an extortion type activity by the cybercriminal,” Tardiff told reporters.
State officials didn’t disclose the attack sooner because they were worried hackers would release customers’ personal information, he added.
State officials said anyone who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this leak. The programs and benefits managed through the RIBridges system include but are not limited to:
- Medicaid,
- Supplemental Nutrition Assistance Program (SNAP),
- Temporary Assistance for Needy Families (TANF),
- Child Care Assistance Program (CCAP),
- Health coverage purchased through HealthSource RI
- Rhode Island Works (RIW),
- Long-Term Services and Supports (LTSS) and
- General Public Assistance (GPA) Program.
The hack comes six weeks into the open enrollment period for HealthSourceRI, the state’s health insurance marketplace.
HealthSourceRI Director Lindsay Lang said its call center hour will not be open Saturday morning as it usually is during open enrollment.
A dedicated call center for impacted customers will be available Sunday, Dec.15 from 11 a.m. to 8 p.m. After Sunday, the call center will be open Mondays through Fridays from 9 a.m. to 9 p.m. EDT. The state will update its website with the call center number on Sunday morning.
Households affected by the cyberattack will receive a letter by mail from the state that explains how to access free credit monitoring. While the system is down, anyone who needs to apply for benefits will need to submit a paper application.
State officials advised customers to remain vigilant and monitor their accounts for any unauthorized activity and consider taking the following steps:
- Freeze credit and/or place a fraud alert through the three major credit bureaus (Visit https://www.usa.gov/credit-freeze for more information and see credit bureau contact information).
- Change any common or reused passwords to a new strong and unique one. Using a safe and secure password manager is the most effective way to reduce risks of password misuse.
- Call their bank to ask what steps may be taken related to the security of their bank account.
Updates will be made available at https://admin.ri.gov/ribridges-alert
GET THE MORNING HEADLINES.
Rhode Island Current is part of States Newsroom, a nonprofit news network supported by grants and a coalition of donors as a 501c(3) public charity. Rhode Island Current maintains editorial independence. Contact Editor Janine L. Weisman for questions: info@rhodeislandcurrent.com.
