Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
- RIBridges data was leaked on the Dark Web
- The ransomware attack happened on December 5th
- The Brain Cipher ransomware group has now claimed responsibility for the attack
The ransomware gang involved in the recent attack against Rhode Island The health coverage, human services and benefit programs website, RIBridges, has begun releasing documents from the attack.
The Encrypted Brain ransomware The group began releasing documents on its data leak site last week, likely in an effort to put pressure on RIBridges and the State to pay the ransomware fee.
RIBridges was first targeted on December 5, 2024, before state-owned vendor Deloitte confirmed the breach on December 10 after being sent a screenshot of internal systems by the attackers, and reported to the state that the attackers had successfully accessed the data and had potentially stolen it. .
Data on adults and minors filtered
The data stolen in the attack could include names, addresses, dates of birth, Social Security numbers, and some banking information, and could affect up to 650,000 individuals who used the RIBridges system.
Cybersecurity researcher Connor Goodwolf downloaded the leaked files and provided several screenshots of folders, with some shown to contain tens of gigabytes of data.
“Ransomware group Brain Cipher has released breach data from the Deloitte RIBridges hack, containing PII not only of adults, but of minors,” Goodwolf added in a post on. X (formerly Twitter). Screenshots from the site also show a statement from the Brain Cipher group that says: “It looks like it was easier to pay and fix everything.”
Rhode Island Governor Daniel McKee confirmed that data from the RIBridges system was leaked online in a declaration“Deloitte informed us that the cybercriminal has released some RIBridges files on the dark web. While IT teams are working diligently to analyze the files, the most important thing Rhode Islanders can do is protect their personal information now.
Rhode Island state officials have advised that individuals who believe they may have been affected by the ransomware attack should use free credit monitoring services provided by the state to freeze and monitor their credit, as well as be vigilant against potential phishing attacks targeting compromised email addresses. .
