A recent cyberattack on Rhode Island's health and benefits system has led to the release of files on the dark web, Governor Daniel McKee confirmed on Monday. The state has been proactive in preparing for such a scenario and has initiated an outreach strategy to alert potentially affected individuals to safeguard their personal information.
It remains uncertain whether all the stolen files from RIBridges have been made public on the dark web, an encrypted network accessible only through specialized tools for anonymity. The state's IT teams are currently analyzing the released files to determine the extent of the data breach.
Deloitte, the company responsible for building and maintaining RIBridges, has been in communication with the cybercriminals. Efforts are underway to compile a list of impacted individuals, who will receive letters with instructions on how to access free credit monitoring services.
Various state programs, including Medicaid, SNAP, Temporary Assistance for Needy Families, and health insurance through HealthSource RI, rely on RIBridges for operations. While the compromised data poses a risk of identity theft, there is no evidence yet of such misuse.
Governor McKee advised Rhode Islanders to take precautionary measures to protect their financial information, such as freezing their credit with the major reporting agencies, ordering free credit reports, and setting up fraud alerts. Additionally, residents are encouraged to use multi-factor authentication and remain vigilant against phishing attempts through fake emails, calls, or texts.
Law enforcement agencies are actively investigating the data breach, although the complexity of the crime presents challenges in apprehending the perpetrators. The state continues to work closely with relevant authorities to address the situation and mitigate potential risks to affected individuals.
