Cybercriminals who hacked Rhode Island’s system for health and benefits programs have released files to a site on the dark web, a scenario the state has been preparing for, Gov. Daniel McKee said Monday.
The state has an outreach strategy to encourage potentially impacted Rhode Islanders to protect their personal information, according to a press release from McKee’s office. The governor said it wasn’t yet clear if all of the files stolen from RIBridges have been posted to the dark web, a part of the internet hosted within an encrypted network and accessible only through specialized anonymity-providing tools.
“Right now, IT teams are working diligently to analyze the released files. This is a complex process and we do not yet know the scope of the data that is included in those files,” according to a statement from McKee’s office.
McKee said in an afternoon press conference that Deloitte, the company that built and maintains RIBridges, has been in contact with the cybercriminals.
The state is working with Deloitte to generate the list of impacted individuals, officials said. Letters will be sent to those individuals with instructions on how to access free credit monitoring.
State programs that rely on RIBridges include Medicaid, the Supplemental Nutrition Assistance Program known as SNAP, Temporary Assistance for Needy Families, Childcare Assistance Program, Rhode Island Works, Long-term Services and Supports, the At HOME Cost Share Program and health insurance purchased through HealthSource RI.
“While this data has been compromised, that does not mean it has been used for identity theft purposes—yet,” the statement added.
McKee urged Rhode Islanders to take a series of steps to protect their financial information including: reaching out to all three credit reporting agencies — Equifax, Experian, and TransUnion — to freeze their credit; contacting one of the reporting agencies to order a free credit report; and requesting a fraud alert be placed on credit files.
Residents should also use multi-factor authentication instead of just one password to access their information and be on the lookout for fake emails, phone calls or texts that look legitimate.
Law enforcement officials are also investigating the data breach, McKee said, although he said the chances of apprehending those responsible is daunting given the nature of the crime.
Related: Cl0p Ransomware Group to Name Over 60 Victims of Cleo Attack
