Update 01/10/2025: State of Rhode Island Sends Official Letters to Individuals Impacted by RIBridges Data Breach
Governor Dan McKee announced that letters from the State of Rhode Island are being mailed today, January 10, 2025, to individuals impacted by the breach of the RIBridges database managed by Deloitte. The letters confirm that personal data belonging to the recipient or someone in their care was breached by cybercriminals and provide directions on how to access five years of free credit monitoring through Experian using an activation code provided in the letters. The deadline to sign up for free credit monitoring online or via phone is April 30, 2025.
The letters will have the State seal in the top left corner. We expect that it may take several days for this information to reach recipients. We know this remains a concerning situation for customers and we appreciate your patience while the letters are delivered.
As a reminder, Deloitte is still reviewing the contents of all the breached files. It is likely that more individuals will be identified. If that proves to be the case, additional letters will be mailed once those names are identified.
If you receive a letter and have questions about the data breach or how to sign up for free credit monitoring, you can call the RIBridges Data Breach Hotline at 833-918-6603 on Monday – Friday from 9 a.m. to 9 p.m. and Saturday – Sunday from 11 a.m. to 8 p.m. If you do not have an activation code because you did not receive a letter, the RIBridges Data Breach Hotline will not be able to enroll you in free credit monitoring or confirm you are impacted.
UPDATE 12/30/24
Extended RI Bridges Call Center Hours
Please call 833-918-6603 Monday – Friday, 9 a.m. to 9 p.m. Saturday – Sunday 11 a.m. to 8 p.m.
Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data. Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time.
NOTE: The Call Center will not be open on New Year’s Eve and New Year’s Day, December 31 and January 1.
UPDATE: 12/30/24 Extended HealthSource RI Call Center Hours
To increase access as the year ends, HealthSource RI has extended the hours of its call center.
Please call 1-855-840-4774
Monday, December 30, 2024 — 8:00 a.m. - 8:00 p.m.
Tuesday, December 31, 2024 — 8:00 a.m. - 8:00 p.m.
Unfortunately, Deloitte has informed us that the cybercriminal released at least some RIBridges files to a site on the dark web. This is a scenario that the State has been preparing for, which is why earlier this month we launched a statewide outreach strategy to encourage potentially impacted Rhode Islanders to protect their personal information. Right now, IT teams are working diligently to analyze the released files. This is a complex process and we do not yet know the scope of the data that is included in those files, but as we’ve been saying for several weeks, we should assume that data contained in the RIBridges system has been compromised.
While this data has been compromised, that does not mean it has been used for identity theft purposes—yet. That is why we urge Rhode Islanders to take these five simple steps to protect your financial information now.
1. Freeze Your Credit: Reach out to all three credit reporting agencies to freeze your credit. This is free and means no one else can take out a loan or establish credit in your name. You won’t lose access to your money or credit cards. You can lift the freeze at any time.
NEW: If minors have received benefits or services from these programs, their guardians should also take steps to freeze and monitor the children’s credit.
2. Monitor Your Credit: Contact one of the three credit reporting agencies to order a free credit report. You can also access a free credit report through AnnualCreditReport.com.
3. Request a Fraud Alert: Ask one of the credit reporting agencies to place a fraud alert on your files. This is free and lets creditors know to contact you before any new accounts can be opened in your name. Asking one agency to do this will cover this step for all three agencies.
4. Use Multi-factor Authentication: This means instead of having just one password to access your information, you have a safety backup to help prove that it’s really you before you can log into your account.
5. Be Aware: Because of the breach, you may receive fake emails, phone calls or texts that look legitimate. Remember, never share personal information – such as your social security number, date of birth or password – through an unsolicited e-mail, call or text.
The latest updates on the situation and information on how to reach credit reporting agencies are available online at cyberalert.ri.gov. You can also find information on how to protect minors.
The State is working with Deloitte to generate the list of impacted individuals. Once we have that information, we will send letters to those individuals with instructions on how to access free credit monitoring. We understand that this situation is concerning, and we appreciate Rhode Islanders’ patience as we continue to navigate this challenge together.
.
Details about the Data Breach
To the best of our knowledge, any individual who has received or applied for state health coverage or health and human services programs or benefits could be impacted by this breach. The programs and benefits managed through the RIBridges system include but are not limited to:
- Medicaid
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
- Child Care Assistance Program (CCAP)
- Health coverage purchased through HealthSource RI
- Rhode Island Works (RIW)
- Long-Term Services and Supports (LTSS)
- General Public Assistance (GPA) Program
- At HOME Cost Share
While the analysis of the breach is still underway, unfortunately, Deloitte has indicated that the information involved may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information, but is still assessing the situation.
What You Can Do
Households that have had personal information compromised will receive a letter by mail from the State that explains how to access free credit monitoring.
In response to the RIBridges data breach, Deloitte has contracted with Experian to run a call center which is open:
Monday – Friday, 9 a.m. to 9 p.m.
Saturday – Sunday 11 a.m. to 8 p.m.
Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data. Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time.
We are currently unaware of any identity theft or fraud related to this data breach. However, we advise customers to remain vigilant and monitor their accounts for any unauthorized activity. This includes:
#1: Freeze Your Credit
Reach out to all three credit reporting agencies to freeze your credit. This is free and means no one else can take out a loan or establish credit in your name. You won’t lose access to your money or credit cards. You can lift the freeze at any time.
#2: Monitor Your Credit
Contact one of the three credit reporting agencies to order a free credit report. You can also access a free credit report through AnnualCreditReport.com.
#3: Request a Fraud Alert
Ask one of the credit reporting agencies to place a fraud alert on your files. This is free and lets creditors know to contact you before any new accounts can be opened in your name. Asking one agency to do this will cover this step for all three agencies.
#4 Use Multifactor Authentication
This means instead of having just one password to access your information, you have a safety backup to help prove that it’s really you before you can log into your account.
#5 Be Aware
Because of the breach, you may receive fake emails, phone calls or texts that look legitimate. Remember, never share personal information – such as your social security number, date of birth or password – through an unsolicited e-mail, call or text.
| ONLINE | https://www.equifax.com/personal/credit-report-services | https://www.experian.com/help/ https://www.transunion.com/customer-supp... | https://www.transunion.com/customer-support/ |
| By Phone | 1-888-298-0045 | 1-888-397-3742 | 1-800-916-8800 |
| By Mail: Fraud Alert (alerting one alerts them all) | Equifax Fraud Alert, P.O. Box 105069, Atlanta GA 30348-5069 | Experian Fraud Alert, P.O. Box 9554, Allen TX, 75013 | TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016 |
| TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016 | Equifax Credit Freeze Alert, P.O. Box 105788, Atlanta GA 30348-5788 | Experian Credit Freeze, P.O. Box 9554, Allen TX, 75013 | TransUnion Credit Freeze, P.O. Box 160, Chester, PA 19094 |
McKee Administration Update –RIBridges Data Breach: December 15, 2024
RIBridges Data Breach Call Center Opens Today
In response to the RIBridges data breach, Deloitte has contracted with Experian to run a multilingual call center. A toll-free hotline will open today, Sunday, December 15, from 11 a.m. to 8 p.m. at 833-918-6603.
After Sunday, December 15, the hotline will be open Mondays through Fridays from 9 a.m. to 9 p.m.
Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data. Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time.
Once the impacted individuals are identified, they will be mailed a letter with the information they need to secure free credit monitoring services.
As a reminder, to the best of our knowledge, any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this breach. The programs and benefits managed through the RIBridges system include but are not limited to:
- Medicaid
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
- Child Care Assistance Program (CCAP)
- Health coverage purchased through HealthSource RI
- Rhode Island Works (RIW)
- Long-Term Services and Supports (LTSS)
- General Public Assistance (GPA) Program
- At HOME Cost Share
On Saturday, Governor McKee held a press conference to urge those who may be impacted by the breach to take immediate steps to safeguard their personal information. Those steps include but are not limited to requesting a credit freeze from the three credit bureaus, signing up for free credit monitoring, and implementing a two-step verification process (dual-factor authentication) for all your financial accounts. EBT fraud prevention tips are available at dhs.ri.gov/resources.
For the latest information on the breach and steps you can take to protect your personal information today, visit cyberalert.ri.gov.
RIBridges Data Breach - Friday, December 13, 2024
Background
On December 13, 2024, the State was informed by its vendor, Deloitte, that there was a major security threat to the RIBridges system. In response, we have proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible. Additionally, Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges.
Information for Customers
We understand this is an alarming situation for our customers. Current customers will not be able to log into their account through the portal or the mobile app while the system is offline. Updates will be made available at https://admin.ri.gov/ribridges-alert [zk8ngbyab.cc.rs6.net]
Rhode Islanders seeking to apply for benefits can still submit a paper application.
Details about the Threat
On December 5, the State was informed by its vendor, Deloitte, that the RIBridges data system was the target of a potential cyberattack. At that time, it was unclear if any sensitive information was breached. At that time, appropriate federal law enforcement and agencies were notified, as well as the Rhode Island State Police.
After consultation with our state IT department, Deloitte immediately implemented additional security measures and started to assess the threat. It was important, for security reasons, to keep this knowledge internal until we could secure the RIBridges system. At the same time, our team began an investigation into what data may have been compromised, and how a possible attack was able to occur.
On December 10, the State received confirmation from Deloitte that there had been a breach of the RIBridges system based on a screenshot of file folders sent by the hacker to Deloitte. On December 11, Deloitte confirmed that there is a high probability that the implicated folders contain personal identifiable data from RIBridges. On December 13, Deloitte confirmed there was malicious code present in the system, and the State directed Deloitte to shut RIBridges down to remediate the threat. State police and federal law enforcement are involved in an advisory capacity and no further leads have been provided.
Details about the Data Breach
To the best of our knowledge, any individual who has received or applied for health coverage and/or health and human services programs or benefits could be impacted by this leak. The programs and benefits managed through the RIBridges system include but are not limited to:
- Medicaid,
- Supplemental Nutrition Assistance Program (SNAP),
- Temporary Assistance for Needy Families (TANF),
- Child Care Assistance Program (CCAP),
- Health coverage purchased through HealthSource RI
- Rhode Island Works (RIW),
- Long-Term Services and Supports (LTSS) and
- General Public Assistance (GPA) Program.
While the analysis of the breach is still underway, unfortunately, Deloitte has indicated that the information involved may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information, but is still assessing the situation.
Households that may have had personal information compromised will receive a letter by mail from the State that explains how to access free credit monitoring. A dedicated call center for impacted customers will be available Sunday, December 15 from 11 a.m. to 8 p.m. After Sunday, the call center will be open Mondays through Fridays from 9 a.m. to 9 p.m. EDT. The State will update its website with the call center number on Sunday morning.
We are currently unaware of any identity theft or fraud related to this data breach. However, we advise customers to remain vigilant and monitor their accounts for any unauthorized activity. This includes:
Taking steps to freeze credit and/or place a fraud alert through the three major credit bureaus (Visit https://www.usa.gov/credit-freeze [zk8ngbyab.cc.rs6.net] for more information and see contact information for the three credit bureaus below).
As a best practice, customers should change any common or reused passwords to a new strong and unique one. Using a safe and secure password manager is the most effective way to reduce risks of password misuse.
Customers can also call their bank to ask what steps may be taken related to the security of their bank account.
We will continue to provide updates as we receive them. Please visit our website for the latest information: https://admin.ri.gov/ribridges-alert
