Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label RIBridges. Show all posts
RIBridges
brain cipher Data Breach Extortion Rhode Island RIBridges

RIBridges Data Breach: Sensitive Information of Rhode Islanders Exposed

 



The RIBridges system, a very important tool for Rhode Island's social services, has become the latest victim of a ransomware attack, resulting in the leak of personal data belonging to hundreds of thousands of residents. This breach, orchestrated by the Brain Cipher ransomware group, has raised serious concerns about the security of systems handling sensitive information.


What is RIBridges?

RIBridges is the vital system for Rhode Island that runs social support programs, such as access to health care, food assistance, childcare, and more. Much of the private data in this compromise was made vulnerable to exploitation.  


Timeline of the Incident

1. First Warning: On December 5, Deloitte, the vendor responsible for RIBridges, warned Rhode Island officials that there may have been a security breach. 

2. Confirmation of Breach: By December 10, it was confirmed that hackers had indeed accessed the system. The hackers even published screenshots of the stolen file directories on Deloitte's screen.

3. Action Taken: Confirmation of presence of harmful code led to system shut down to minimize damage, and this occurred on December 13. 

 

What Data Was Leaked?

Last week, a group known as Brain Cipher began to leak their stolen files on the dark web. It claims to have included names, addresses, birth dates, Social Security numbers, and banking details of people. The list contained both adults and minors. Other reports also suggest that some file folders contained database backups and system archives. 


Implications for Rhode Island Residents

This breach has potentially exposed around 650,000 individuals to identity theft and fraud. Governor Dan McKee has advised residents to take immediate steps to protect their data. This includes freezing credit reports, monitoring accounts for unusual activity, and staying cautious of phishing attempts that may exploit the stolen information.  

The Brain Cipher ransomware group, operating since mid-2024, is known to use advanced encryption tools and a data leak website to extort victims. Its operations were first brought to public attention after attacking Indonesia's temporary National Data Center. In that attack, it used a modified version of a leaked codebase for an encryptor to breach RIBridges.

Although the data leak site from the gang remains inaccessible, reportedly as a result of a distributed denial-of-service attack, their negotiation page on Tor remains active. It appears they are still pushing the victims or perhaps even looking for further extortions.  


What's Being Done?

The IT teams in state work to comprehend the full effect of the breach and to secure the system. Residents are advised to stay vigilant and to take proactive steps to prevent these risks caused by the leakage of such data. This attack calls out the increased risk of ransomware and an increased need for cybersecurity measures in securing crucial public systems and sensitive information on individuals.




Read more »
Subscribe to: Posts (Atom)