# Rhode Island Confronts Cybersecurity Crisis: Hackers Strike Deloitte-Managed Benefits System
Rhode Island is grappling with a cybersecurity crisis following a breach of the state’s public benefits platform, RIBridges, overseen by global consulting giant Deloitte. This intrusion has resulted in the suspension of vital online services, leaving countless residents unable to utilize essential programs like Medicaid, SNAP, and additional assistance services. State officials have labeled the incident as an “extortion-type activity,” heightening concerns over the rising incidence of cybercrime aimed at public infrastructure.
## **The Intrusion and Immediate Consequences**
The cyberattack was initially detected on December 5, 2024, when Deloitte alerted Rhode Island authorities about a possible breach. However, it wasn’t until December 10 that the state received confirmation of unauthorized access, after the hackers shared a screenshot of the folders they had infiltrated. By December 13, Deloitte verified the presence of harmful code in the RIBridges system, prompting Governor Dan McKee to mandate an urgent suspension of the platform.
“Within the Rhode Island Bridges system, a cybercriminal had deployed harmful malware that posed an immediate threat,” Governor McKee stated during a press briefing. “That is why we have decided to shut down the system for the time being. Users will temporarily be unable to access any customer portal linked to the Rhode Island Bridges services.”
The breach has already led to a class-action lawsuit against Deloitte, filed in federal court. The lawsuit highlights the grave nature of the situation and raises concerns regarding the firm’s capability to safeguard sensitive information.
## **What Information Was Exposed?**
The breach may have compromised a substantial amount of personally identifiable information (PII), including names, addresses, birth dates, Social Security numbers, and even bank account information. According to the governor’s office, anyone who has applied for or received benefits through RIBridges could potentially be impacted. This encompasses individuals in programs such as:
– Medicaid
– Supplemental Nutrition Assistance Program (SNAP)
– Temporary Assistance for Needy Families (TANF)
– Child Care Assistance Program (CCAP)
– Rhode Island Works (RIW)
– Long-Term Services and Supports (LTSS)
– General Public Assistance (GPA) Program
– Health coverage acquired through HealthSource RI
The complete extent of the breach is currently under investigation, and officials have not yet ascertained how many individuals are affected.
## **A Challenging History with Deloitte**
Rhode Island’s choice to persist with its partnership with Deloitte has attracted criticism, considering the firm’s problematic history with the RIBridges platform. Initially launched in 2016 as the Unified Health Infrastructure Project (UHIP), the system suffered from considerable cost overruns and technical setbacks. Despite these challenges, the state entered into a new three-year agreement with Deloitte in 2021.
Critics contend that Deloitte’s previous performance should have raised alarms. The ongoing breach has further amplified demands for increased accountability and oversight in the management of public IT frameworks.
## **State Actions and Future Steps**
In response to the situation, Rhode Island has implemented several measures:
1. **System Suspension:** The RIBridges platform has been taken offline to confront the threat and avert additional unauthorized access.
2. **Paper Applications:** Residents needing benefits can now submit paper applications, which are accessible on the state’s Department of Human Services website.
3. **Credit Monitoring:** The state will offer complimentary credit monitoring services to those whose data may have been compromised. Affected residents will receive letters detailing how to access these services.
4. **Call Center:** Deloitte has engaged Experian to manage a call center (833-918-6603) for general inquiries regarding the breach. Nevertheless, the center cannot currently confirm whether specific individuals’ data has been compromised.
Despite these actions, the state has not disclosed a timeline for the restoration of the RIBridges system.
## **“Extortion-Type Activity”**
In contrast to conventional ransomware attacks, where hackers encrypt data and demand ransom for its recovery, this breach seems to involve extortion. Rhode Island Chief Digital Officer Brian Tardiff indicated that the hackers are requesting funds from the state, but have not implemented ransomware within the system. The specific amount demanded remains undisclosed.
Federal law enforcement and state police are collaborating in the investigation, but no significant leads have emerged. The state has stressed that it postponed public disclosure of the breach to secure the system and mitigate further damage.
## **Implications for Residents and Public Confidence**
The breach has left numerous Rhode Islanders concerned about the security of their personal data. For those dependent on public assistance programs, the system suspension has introduced additional challenges, as they must now deal with paper applications to access benefits.
This incident also raises broader questions about the security of public IT systems and the responsibility of private contractors like Deloitte in managing sensitive information. As cyberattacks on government systems become increasingly prevalent, states must prioritize investment in strong cybersecurity measures to protect
