Rhode Island Residents: Your Personal Data May Be Leaked After RIBridges Breach

If you’re a Rhode Island resident who has recently applied for government assistance through RIBridges, there’s a high probability that your personal data has been compromised in a new data breach.

The hackers stole RIBridges account holders’ names, dates of birth, Social Security numbers and banking information, government officials said. As of Tuesday, the cybercriminal group responsible for the attack, Brain Cipher, is holding the data ransom and is threatening to leak it on the dark web.

If you received the following benefits since RIBridges’ launch in 2016, your data could be at risk:

• Medicaid Supplemental Nutrition Assistance Program
• Temporary Assistance for Needy Families 
• Child Care Assistance Program 
• Health coverage purchased through HealthSource 
• RI Rhode Island Works 
• Long-Term Services and Supports  
• General Public Assistance Program At Home Cost Share 

“State government agencies are often considered low-hanging fruit because they may lack the most sophisticated cybersecurity protections but have highly valuable information that identity criminals want,” James Lee, COO of the Identity Theft Resource Center, told CNET in an email.

The RIBridges online portal, operated by Deloitte, has been temporarily shut down as authorities work on remediating the threat. Deloitte confirmed the breach on Dec. 11, which is believed to have impacted hundreds of thousands of residents. 

Deloitte, which works with over 25 US states, has told news outlets that only RIBridges’ systems were compromised by the Brain Cipher attack. The company didn’t immediately respond to CNET’s requests for comment.

“After consultation with our state IT department, Deloitte immediately implemented additional security measures and started to assess the threat,” the governor’s office said in a statement on its website.

If you were impacted by this breach, you’ll be notified in the coming weeks and will receive access to identity theft and credit monitoring services paid for by Deloitte, state officials said during a Dec. 14 press conference. 

For up-to-the-minute info on the breach, you can visit cyberalert.ri.gov

What should I do if I’m impacted by the RIBridges hack?

If your data is compromised in a cyberattack, it’s possible that your personal identification data could be leaked on the dark web and you could experience fraud. There are steps you can take to help protect your identity and potentially stop identity thieves in their tracks. 

In a short video posted Dec. 16, Rhode Island Gov. Daniel McKee, outlined a few steps that residents can take to limit the consequences of the data breach. As a cybersecurity editor, I added a few more helpful steps to this list to lock down any sensitive data.

Update your password

You should change the password to your RIBridges account as soon as possible. If you used the same password on other accounts, change those passwords as well. 

Set up multi-factor authentication

Multi-factor authentication is a great way to protect your accounts from scammers attempting to commit fraud. After you login to an account, the website or mobile app will send a verification code via email or text to confirm it’s really you logging into the account.

A recent CNET survey found that 41% of US adults enrolled in two-factor authentication after having their data compromised in a data breach. 

Request copies of your credit reports

You should request copies of your credit report from each credit bureau and review it for any errors or accounts you did not open. It’s good to do this multiple times a year, especially if you know your personal data has been compromised in a breach.

You can request free copies of your credit reports weekly at annualcreditreport.com.

Freeze your credit reports

McKee advised residents to contact all three credit reporting agencies (Experian, TransUnion and Equifax) and freeze their credit. Freezing your credit ensures that nobody can open a new line of credit in your name and rack up debt against your credit score. In order to apply for credit yourself, however, you will need to temporarily unfreeze or “thaw” your credit.

“Freezing your credit can be done online in a matter of minutes on a smartphone or computer,” Lee said.

Alternatively, you can place fraud alerts on your credit reports, which notify you if someone tries to access your credit profile. However, fraud alerts last only 12 months and don’t block access to your reports to creditors. This may be a good option if you anticipate applying for credit soon and would only like to be notified before an account is opened in your name. 

Look out for phishing attacks

If your personal data is leaked in a breach, it’s likely that you will start receiving phishing attempts from scammers looking to get into your financial accounts or obtain more personal information.

These swindles can happen via text, email and phone and can take on many forms — from nondelivery package scams and fake job opportunities to cryptocurrency scams. 

Never give out your personal information including your SSN and passport number through any unsolicited communication.

Sign up for identity theft protection

RIBridges account holders impacted by this breach will receive free identity theft protection services paid for by Deloitte. 

Once that free period of coverage ends, you may consider signing up for continued coverage on your own.