Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Rhode Island. Show all posts
RIBridges
brain cipher Data Breach Extortion Rhode Island RIBridges

RIBridges Data Breach: Sensitive Information of Rhode Islanders Exposed

 



The RIBridges system, a very important tool for Rhode Island's social services, has become the latest victim of a ransomware attack, resulting in the leak of personal data belonging to hundreds of thousands of residents. This breach, orchestrated by the Brain Cipher ransomware group, has raised serious concerns about the security of systems handling sensitive information.


What is RIBridges?

RIBridges is the vital system for Rhode Island that runs social support programs, such as access to health care, food assistance, childcare, and more. Much of the private data in this compromise was made vulnerable to exploitation.  


Timeline of the Incident

1. First Warning: On December 5, Deloitte, the vendor responsible for RIBridges, warned Rhode Island officials that there may have been a security breach. 

2. Confirmation of Breach: By December 10, it was confirmed that hackers had indeed accessed the system. The hackers even published screenshots of the stolen file directories on Deloitte's screen.

3. Action Taken: Confirmation of presence of harmful code led to system shut down to minimize damage, and this occurred on December 13. 

 

What Data Was Leaked?

Last week, a group known as Brain Cipher began to leak their stolen files on the dark web. It claims to have included names, addresses, birth dates, Social Security numbers, and banking details of people. The list contained both adults and minors. Other reports also suggest that some file folders contained database backups and system archives. 


Implications for Rhode Island Residents

This breach has potentially exposed around 650,000 individuals to identity theft and fraud. Governor Dan McKee has advised residents to take immediate steps to protect their data. This includes freezing credit reports, monitoring accounts for unusual activity, and staying cautious of phishing attempts that may exploit the stolen information.  

The Brain Cipher ransomware group, operating since mid-2024, is known to use advanced encryption tools and a data leak website to extort victims. Its operations were first brought to public attention after attacking Indonesia's temporary National Data Center. In that attack, it used a modified version of a leaked codebase for an encryptor to breach RIBridges.

Although the data leak site from the gang remains inaccessible, reportedly as a result of a distributed denial-of-service attack, their negotiation page on Tor remains active. It appears they are still pushing the victims or perhaps even looking for further extortions.  


What's Being Done?

The IT teams in state work to comprehend the full effect of the breach and to secure the system. Residents are advised to stay vigilant and to take proactive steps to prevent these risks caused by the leakage of such data. This attack calls out the increased risk of ransomware and an increased need for cybersecurity measures in securing crucial public systems and sensitive information on individuals.




Read more »
User Security
Cyber Attacks Data Leak Private Data Rhode Island User Security

Rhode Island Residents Warned of Cyberattack Targeting State Government

 

Rhode Island officials have issued an urgent advisory for residents to take immediate precautions following a significant cyberattack on the state government. Authorities are warning that private data, including Social Security and bank account details, may soon be exposed due to the breach.

Governor Dan McKee and other state officials held a press conference earlier this week to address the situation and provide guidance. “We know this situation is alarming, and it’s stressful,” McKee stated. He encouraged residents to bookmark the official website where updates on the incident will be posted.

Details of the Cyberattack

The breach occurred on December 5, when officials discovered that an international cybercriminal gang might have hacked into RIBridges, the state system previously known as UHIP. This platform supports various health and benefits programs. Concerns escalated after hackers shared a screenshot of file folders from RIBridges, suggesting that malware had been installed on the system.

Preliminary investigations indicate that the hackers may have accessed sensitive information from hundreds of thousands of residents who have used state programs over the past eight years. Impacted individuals will receive a notification letter from the state.

Affected State Programs

The affected programs include:

  • Medicaid
  • Supplemental Nutrition Assistance Program (SNAP)
  • Temporary Assistance for Needy Families (TANF)
  • Child Care Assistance Program (CCAP)
  • HealthSource RI health insurance
  • Rhode Island Works
  • Long-Term Services and Supports (LTSS)
  • General Public Assistance (GPA)
  • AT HOME cost-sharing

As a precaution, these programs will transition to paper applications starting next week, as the HealthyRhode online portal remains offline during the investigation.

Matt Weldon, director of the Rhode Island Department of Labor and Training, assured residents that the state’s separate system for unemployment insurance and other out-of-work benefits has not been affected by the cyberattack.

Steps for Residents to Protect Themselves

Michael Tetreault, a cybersecurity advisor with the U.S. Department of Homeland Security, provided the following recommendations for Rhode Islanders who believe they may be impacted:

  • Strengthen your passwords and avoid using the same password across multiple accounts.
  • Enable multi-factor authentication (MFA) on all online accounts.
  • Contact the three major credit-monitoring bureaus to freeze your credit as a precaution.

While the investigation continues, officials are urging residents to remain vigilant and take necessary measures to safeguard their personal information. Regular updates will be provided on the state’s official website, ensuring transparency and assistance for affected individuals.

Read more »
Subscribe to: Posts (Atom)