State officials revealed that a cyberattack on Rhode Island’s online social services portal may have exposed the personal information of hundreds of thousands of residents. Governor Dan McKee’s office stated there is a “high probability” that sensitive data was compromised.
The attack targeted RIBridges, the system residents use to apply for programs like Medicaid and SNAP, as well as the HealthSource RI insurance marketplace. Officials warned that anyone who has applied for or received health coverage or benefits may be affected.
The breached data could include names, addresses, dates of birth, Social Security numbers, and banking information. Deloitte, which operates the RIBridges system, informed the state of the potential attack on December 5. However, it was only confirmed on December 13 that the system contained “malicious code.” Deloitte and state officials then took the system offline to mitigate the threat.
While the system remains down, residents can use paper applications to access benefits. At a press conference, Rhode Island’s chief digital officer, Brian Tardiff, reported that the cybercriminals responsible for the attack are threatening to release the stolen data unless they are paid, according to The New York Times.