The Rhode Island government has confirmed that hackers responsible for a recent ransomware attack targeting state digital platforms have begun leaking stolen data. This comes as consulting firm Deloitte works to restore affected systems.
State officials reported that the ransomware group, known as Brain Cipher, released files stolen from platforms including HealthSource RI, the state’s affordable health coverage marketplace, and the RIBridges system, which manages social service programs. Deloitte, the developer of these systems, informed the state of the data leak.
“This is a scenario that the State has been preparing for, which is why earlier this month we launched a statewide outreach strategy to encourage potentially impacted Rhode Islanders to protect their personal information,” the state said in a December 31 statement.
“Right now, IT teams are working diligently to analyze the released files. This is a complex process, and we do not yet know the scope of the data that is included in those files. However, as we’ve been saying for several weeks, we should assume that data contained in the RIBridges system has been compromised.”
Impact and Response
Rhode Island officials estimate that approximately 650,000 residents rely on the affected systems. The state is collaborating with Deloitte to identify impacted individuals and plans to send breach notification letters to those affected.
Governor Dan McKee previously warned that the stolen data likely includes sensitive information such as:
- Names
- Addresses
- Dates of birth
- Social Security numbers
- Banking information
- Other personal details
Officials have urged those potentially impacted to take immediate steps to protect their information, including freezing credit, requesting fraud alerts from banks, enabling multifactor authentication, and monitoring children’s credit.
“People need to act fast when it comes to protecting their personal information, and for some, that includes keeping an eye on their child’s credit,” McKee emphasized. “Our State is committed to providing timely updates and resources so that Rhode Islanders and their families can take action to secure their credit and data.”
Brain Cipher Ransomware and Controversy
The ransomware gang Brain Cipher initially claimed responsibility for breaching Deloitte, but the company denied being directly attacked. Governor McKee later clarified that Deloitte informed the state on December 5 that the ransomware attack targeted the systems the firm had built for Rhode Island. By December 23, Brain Cipher confirmed that the stolen data originated from Rhode Island systems.
The handling of ransom negotiations has sparked backlash, as Deloitte, not Rhode Island law enforcement, the FBI, or other U.S. agencies, managed the discussions. Critics argue this approach undermined state oversight and transparency.
Disruption of State Services
The attack has severely impacted crucial state services, especially during the holiday season. RIBridges, which determines eligibility for programs like Supplemental Nutrition Assistance Program (SNAP), Medicaid, and cash assistance, remains unavailable for enrollment. Residents needing affordable health coverage have faced delays, forcing them to visit state offices in person or call state facilities for assistance.
To address these issues, Rhode Island has expanded call center hours through the first days of the new year, allowing residents to:
- Choose a plan
- Make payments
- Inquire about account status
Brain Cipher’s Global Reach
The Brain Cipher ransomware group, a variant of the infamous LockBit 3.0 ransomware, has been active since June. In July 2024, the group disrupted Indonesia’s national data center, affecting immigration checks and other public services. Jon Miller, CEO of cybersecurity firm Halcyon, noted Brain Cipher’s evolving tactics and its potential for widespread disruption.
Moving Forward
As Deloitte continues its efforts to restore Rhode Island’s systems, the state’s outreach strategy and enhanced support services aim to mitigate the attack’s impact. However, the incident highlights the vulnerabilities in public sector cybersecurity and underscores the importance of robust protective measures to safeguard critical systems and sensitive data.
Support truth, health, and preparedness by shopping the Alex Jones Store through our link. Every purchase helps sustain independent voices and earns us a 10% share to fuel our mission. Shop now and make a difference!
https://thealexjonesstore.com?sca_ref=7730615.EU54Mw6oyLATer7a
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
