Ransomware attackers threaten to release sensitive data from Rhode Island's social services, prompting authorities to alert citizens
In a concerning turn of events, a ransomware group called Brain Cipher has breached the RIBridges social services database managed by Deloitte, exposing the personal data of thousands of Rhode Island residents.
The attack, first disclosed on Dec. 5, targeted the system that supports personal data for residents enrolled in federal and state assistance programmes, including Medicaid, Supplemental Nutritional Assistance Program, Rhode Island Works, and health coverage purchased through HealthSource RI. The system also supports Medicaid, Temporary Assistance for Needy Families, and other programmes.
Deloitte officials confirmed the presence of malicious code in the system, and as a protective measure, the RIBridges system was taken offline. The hackers sent Deloitte officials a screenshot of some of the stolen information, hinting at the extent of the breach.
Brain Cipher, a mid-tier ransomware operation active since June this year, is believed to be behind the attack. The group operates using a multi-tiered extortion model, where data is stolen, encrypted, and threatened with public release if their demands are not met.
Regrettably, individual victims are often targeted with follow-up extortion attempts, even when organizations pay the ransom. In this case, Brain Cipher has begun leaking documents stolen during the attack, suggesting that negotiations or attempts to pay the ransom might not have been successful.
The data breach involves names, addresses, Social Security numbers, dates of birth, and certain personal banking information. The specific types of data leaked are not fully disclosed, but it typically includes personal identifiable information (PII) such as names, addresses, dates of birth, and potentially financial or health-related data, depending on the services provided by the RIBridges platform.
In response to the incident, Rhode Island has updated its data breach notification law to require faster disclosure and stricter reporting, aiming to enhance consumer protection in the wake of such incidents. Local governments, especially those in social services, often hold highly sensitive data and provide critical functions, making them an attractive target for ransomware operators.
Deloitte, in collaboration with the state agency, law enforcement officials, and Rhode Island officials, has launched an investigation into the matter. The company has not yet commented on whether it intends to pay the ransom.
[1] Source: https://www.cyberscoop.com/deloitte-ransomware-brain-cipher-ribridges-social-services-database/ [3] Source: https://www.reuters.com/article/us-usa-cybersecurity-rhodeisland-idUSKBN28S23G
- This cybersecurity incident, involving the ransomware group Brain Cipher, has raised privacy concerns as it has compromised personal data of thousands of Rhode Island residents, including names, addresses, Social Security numbers, and banking information.
- The technology sector, in particular the general-news, crime-and-justice arena, has been following this event closely, as Brain Cipher operates using a model that threatens to publicly release stolen data if demands are not met.
- As a result of the data breach, Rhode Island has strengthened its data breach notification law, aiming to enhance consumer protection in the face of such cybersecurity incidents, especially in social services where sensitive data is often stored.
