Deloitte Alerts Rhode Island to Significant Data Breach in RIBridges
The State of Rhode Island has confirmed that its social services portal, the RIBridges system, has been subject to a major security threat.
It is likely that cybercriminals have obtained files with personally identifiable information in the cyber-attack, Rhode Island’s Department of Human Services (DHS) said in a statement.
The State was informed by its vendor, Deloitte, about the data breach and confirmed that there was malicious code present in the system on December 13.
“To the best of our knowledge, any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this breach,” the DHS said in a statement.
Programs and benefits managed through the RIBridges system include, but are not limited to, Medicaid, the General Public Assistance Program and the Child Care Assistance Program.
Information exposed in the breach may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information, but the state government is still assessing the situation.
In response to the confirmed breach, the Rhode Island DHS has proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible.
In addition, Deloitte has contracted with Experian to run a multilingual call center in response to the data breach.
“We will provide updates as the State continues to address the situation. At this time, the State and Deloitte are focused on addressing the threat,” the DHS statement said.
Earlier in December, the consultancy firm had been the subject of a cyber-attack claim by Brain Cipher, which Deloitte later confirmed to Infosecurity was in relation to a client of the company.
On December 5, Deloitte, that the RIBridges data system was the target of a potential cyber-attack.
The false claim by Brain Cipher was published on December 4 and said that the group had stolen 1TB of compressed data.
Public notice of the data breach came over a week after the initial notice of a cyber-attack. The Rhode Island DHS said that it was important, for security reasons, to keep this knowledge internal until it could secure the RIBridges system.
State police and federal law enforcement are involved in an advisory capacity and no further leads have been provided.