Deloitte incurs a $5 million charge, linked to a security issue on the Rhode Island employee benefits platform.

Agreed to Cover Expenditures for Recovery from December Cyber Incident

In a troubling turn of events, a ransomware collective known as Brain Cipher has claimed responsibility for the breach of the Rhode Island RIBridges social services system. The breach, which occurred in December, resulted in the exposure of the personal information of over 709,000 Rhode Island residents.

The attack involved the deployment of ransomware and the exposure of sensitive personally identifiable information (PII), indicating a data breach likely aimed at extortion and disruption of social services. Brain Cipher has been associated with malware such as the RevC2 backdoor and Venom Loader, tools that facilitate persistent access and payload delivery, respectively.

The RIBridges program, managed by Deloitte, provides food assistance, health insurance, cash benefits, and other services to Rhode Island residents in need. The stolen data included a combination of names, addresses, Social Security numbers, dates of birth, phone numbers, health information, and banking information. After the breach, hackers threatened to release the data, and state officials warned residents to be on watch for potential fraud.

Following the breach, Rhode Island authorities confirmed the incident and subsequently updated state data breach notification laws to require faster disclosure and stricter consumer protection to mitigate the fallout from such incidents. The stolen data was extensively tested and remediation was conducted to determine the safety of the system for use.

In a move to address the immediate and unexpected expenses related to the breach, Deloitte paid $5 million to the state of Rhode Island. This sum will cover the costs of a call center, credit monitoring, and identity protection services for customers affected by the breach.

A third-party forensics report, provided to state officials in January, gave officials enough confidence in the security of the portal to begin a phased relaunch of online services. In late January, the state began this phased relaunch of the customer portal after RIBridges was taken offline in December.

While the specific motivations and links to state sponsorship of Brain Cipher are not fully understood, the group's activity fits the broader ransomware trend of exfiltrating data for leverage. This incident underscores the increasing risk ransomware groups pose to public sector social services and the necessity for robust cybersecurity and regulatory response measures.

  1. The incident involving Brain Cipher's ransomware attack on the Rhode Island RIBridges social services system exposed sensitive personally identifiable information (PII), highlighting the increasing risk ransomware groups pose to public sector data and cloud computing.
  2. In a general news context, the attack on the social services system underlines the importance of implementing strong cybersecurity measures to protect against criminal activities such as data breaches and extortion.
  3. The widespread use of technology in modern society, including in social services, necessitates constant vigilance and robust cybersecurity measures to counter threats like the ransomware attack carried out by Brain Cipher, as highlighted by the Rhode Island RIBridges breach.
