Rhode Island Residents: Your Personal Data May Be Leaked After RIBridges Breach
If you are a Rhode Island resident and have recently applied for government assistance through RI bridgeyour personal data is likely to be compromised in a new data breach.
Hackers stole RIBridges account holders’ names, dates of birth, social security number and bank information, government officials said. As of Tuesday, the cybercriminal group responsible for the attack, brain codeholds data to ransom and is Threats to leak it to the dark web.
Your data may be at risk if you have received the following benefits since RIBridges was launched in 2016:
- Medicaid Supplemental Nutrition Assistance Program
- Temporary Assistance for Needy Families
- child care assistance program
- Health insurance purchased through HealthSource
- RI Rhode Island Factory
- Long-term service and support
- Family General Public Assistance Program Cost Sharing
James Lee, chief operating officer of the Identity Theft Resource Center, told CNET in an email: “State government agencies are often considered low-hanging fruit because they may lack the most sophisticated cybersecurity protections but possess the identity criminals want. Very valuable information.”
The RIBridges online portal operated by Deloitte has been temporarily closed as authorities work to remediate the threat. Deloitte confirmed the breach on December 11, which is believed to have affected hundreds of thousands of residents.
Deloitte, with More than 25 states in the United Statestold the news outlet that only RIBridges’ systems were affected by the Brain Cipher attack. The company did not immediately respond to CNET’s request for comment.
“After consultation with our state IT department, Deloitte immediately implemented additional security measures and began assessing the threat,” The governor’s office said in a statement on its website.
If you were affected by the breach, you will be notified in the coming weeks and will receive identity theft and credit monitoring services paid for by Deloitte, state officials said in a Dec. 14 news release.
For the latest information on breaches, you can visit cyberalert.ri.gov
What should I do if I am affected by the RIBridges hack?
If your data is compromised in a cyberattack, your personally identifiable data may be exposed on the dark web and you may be exposed to fraud. There are some things you can do to help protect your identity and potentially deter identity thieves.
in a short video On December 16, Rhode Island Governor Daniel McKee outlined some steps residents can take to limit the consequences of a data breach. As a cybersecurity editor, I’ve added some more helpful steps to this list to lock down any sensitive data.
Update your password
You should change the password for your RIBridges account as soon as possible. If you use the same password on other accounts, change those passwords as well.
Set up multi-factor authentication
Multi-factor authentication is a great way to protect your account from scammers trying to commit fraud. When you log into your account, the website or mobile app will send a verification code via email or text message to confirm that you are indeed logged into the account.
the latest one A CNET survey found 41% of U.S. adults signed up for two-factor authentication after a data breach.
Request a copy of your credit report
you should Request a copy of your credit report Get it from each credit bureau and check for any errors or accounts you didn’t open. It pays to do this several times a year, especially when you know your personal data has been compromised by a breach.
You can request a free copy of your credit report each week at: annualcreditreport.com.
Freeze your credit report
McKee recommends residents contact all three credit reporting agencies (Experian, TransUnion and Equifax) and Freeze their credit. Freezing your credit ensures that no one can open a new line of credit in your name and add to your debt credit score. However, in order to apply for credit on your own, you need to temporarily unfreeze or “unfreeze” your credit.
“Freezing your credit can be done online in minutes from your smartphone or computer,” Lee said.
Alternatively, you can place Fraud alert On your credit report, the report will notify you if someone is trying to access your credit file. However, the fraud alert only lasts for 12 months and does not prevent creditors from viewing your report. This may be a good option if you anticipate applying for credit soon and just want to be notified before an account is opened in your name.
Watch out for phishing attacks
If your personal data was exposed in a breach, you may start receiving phishing attempts from scammers trying to gain access to your financial accounts or obtain more personal information.
These scams can be carried out via text messages, emails and phone calls and can take many forms – Undelivered package scam and fake job opportunities in cryptocurrency scams.
Never give out your personal information, including your SSN and passport number, through any unsolicited communication.
Sign up for identity theft protection
RIBridges account holders affected by this breach will receive free identity theft protection services from Deloitte Payments.
After the free coverage period ends, you may consider Sign up to continue reporting On your own.
