An unknown threat actor has stolen data belonging to potentially hundreds of thousands of residents of Rhode Island in a cyberattack and is threatening to release the data if a payment is not made.

The cyberattack was first detected on Dec. 5 when Rhode Island state officials were informed by its technology vendor, Deloitte Touche Tohmatsu Ltd., that the RIBridges data system had been the target of a potential cyberattack. RIBridges is Rhode Island’s integrated online system for managing public assistance programs.

Forward to Dec. 10 and Deloitte then advised the state that the RIBridges system had been breached and that those behind the breach had sent a screenshot of file folders stolen to Deloitte. The following day, Deloitte confirmed that there was a high probability that the folders contained personally identifiable data from RIBridges.

On Dec. 13, Deloitte confirmed that it had found malicious code in the system. The state then directed Deloitte to shut RIBridges down to remediate the threat.

According to a press release from the governor of Rhode Island, the data stolen may include any individual who has received or applied for health coverage or health and human services programs or benefits. The programs and benefits managed through the RIBridges system include Medicaid, the Supplemental Nutrition Assistance Program, Temporary Assistance for Needy Families, the Child Care Assistance Program, health coverage purchased through HealthSource Rhode Island, Rhode Island Works, Long-Term Services and Supports and the General Public Assistance Program.

Data stolen may include names, addresses, dates of birth, and Social Security numbers, as well as certain banking information. Rhode Island is providing those affected with free credit monitoring and a dedicated call center for assistance.

Data theft isn’t new, but some parts are missing from this story. Ransomware has not been mentioned, nor have any files reported being encrypted. However, ransomware operators in 2024 have been known to skip encryption and simply steal data to extort victims with a promise that the data will be released unless payment is made. Whether such an attack would still count as ransomware versus simply extortion likely doesn’t matter to the victims.

Whatever the finer details, hundreds of thousands of Rhode Island residents have had their personal data stolen weeks before the New Year, a new year that promises even more such attacks as ransomware operators and similar threat groups continue to cast a wide net for victims.

Image: SiliconANGLE/Ideogram

PROVIDENCE – Vendors working for the state have set up a call center to answer customer questions following the cyberattack earlier this month on Rhode Island’s public benefits computer system in which private information from hundreds of thousands of people was stolen. 

Deloitte, the information technology company that built and runs the system known as RIBridges and UHIP, contracted credit reporting agency Experian to run the multilingual call that opened Sunday morning. 

The toll-free hotline can be reached at 833-918-6603. It was set to remain open on Sunday until 8 p.m. and then continue operating from Mondays to Fridays between 9 a.m. and 9 p.m. 

“Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data,” a news release from the Gov. Dan McKee’s office said. “Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time.”  

“Once the impacted individuals are identified, they will be mailed a letter with the information they need to secure free credit monitoring services,” the release continued. 

Data breach: Governor says stolen data could be exposed in the coming week. Here’s what to do right now

The RIBridges system was shut down on Friday after Deloitte discovered dangerous malware embedded in its computer code. On Saturday, McKee said that the cybercriminals had stolen the personal data belonging to hundreds of thousands of Rhode Islanders. A negotiator has been holding ransom talks with the criminals, and it’s believed the data could be exposed as early as this week, the governor said at a news conference. 

Individuals who have received or applied for health coverage or health and human services programs or benefits could be affected by the data breach. The programs managed by the RIBridges system include: 

• Medicaid
• Supplemental Nutrition Assistance Program (SNAP)
• Temporary Assistance for Needy Families (TANF)  
• Child Care Assistance Program (CCAP)  
• Health coverage purchased through HealthSource RI
• Rhode Island Works (RIW) 
• Long-Term Services and Supports (LTSS)  
• General Public Assistance (GPA) Program  
• At HOME Cost Share 

State officials have urged anyone who has applied for benefits through the system since 2016 to change passwords and monitor their bank accounts for suspicious charges. 

The state has set up a website to provide information about the attack and steps customers can take to protect their data. It’s located at cyberalert.ri.gov. 

Data breach: RI computer network hit by major cyberattack, forcing public benefits system shutdown

Deloitte first alerted the state and police about a potential attack on Dec. 5. McKee said the state did not disclose that there could be a problem until the breach could be confirmed and to prevent triggering the release of personal data. 

He said he did not know how much money the hackers demanded, because Deloitte was communicating with them. However, he said he would have the final say on the decision to pay a ransom. 

I have bad news for single people in Warwick.

It’s supposedly one of the worst places for dating in America.

Out of 182 American cities surveyed by WalletHub, Warwick ranked in the bottom eight.

It’s below Grand Prairie, Texas – wherever that is – as well as Yonkers, New York, and Jackson, Mississippi.

Providence isn’t so great, either. It ranks 109^th.

WalletHub based this on percentage of singles, the cost of a meal for two, online dating “opportunities” and a few other metrics.

It got me thinking about dating in Rhode Island in general.

Not long ago, I did a story about Mary Hardy, 66, an X-ray and ER assistant from Smithfield who told me she’d been in the dating wars here for years.

I asked how it was going.

“Oh gosh,” she said, “frustrating, time-consuming. Basically, a full-time job if you really want to find somebody. But usually a big waste of time.”

She’d been on tons of apps – Bumble, Zoosk, Silver Seniors.

“I’m pretty much breaking my wrist swiping left,” she said.

At her age, the “supply” in Rhode Island isn’t perfect.

“Now, I’m not all that and a bag of chips,” Mary said, “but I know what lane I’m in. I’m not in the high-speed lane. But some of these dudes are in the breakdown lane.”

I have experience in this area, having dated in Rhode Island for years before I got married in 1988, and years after I got divorced in 2010.

There was more pressure the first go-around, since I was approaching my mid-30s while still never married. My Jewish mother would start phone calls with the same question.

“Anything new to report?”

Since that was before dating apps, there were probably more office romances – always a dicey gambit in a fishbowl.

Then again, all of Rhode Island sometimes feels the same. I was once on Thayer Street with a woman and walked right by someone else I’d been taking out. This led to a call later from the someone else, asking how I could be such a cad. I pointed out that we’d never talked about being exclusive, but it turns out there’s often an assumption that if you’ve dated 3.2 times, or even 2.3 times, you’re an item.

My brother “The Douglas” was much better at dating than I, being quite the schemer. For example, he always sent flowers to a woman at her place of work. That way, he said, the other women in the office will rush over and ask, “Who’s the great guy?”

A few times, he even sent flowers to a woman’s mother for having such an amazing daughter. That’s playing dirty, but it worked.

Once, he almost got into trouble when he brought a date home and suddenly, someone called on his answering machine. He had no doubt it was one of the other women he was dating, her voice about to sound on the machine’s speaker.

I asked what he did.

“I bearhugged the girl I was with around the ears and loudly said I was sooo glad to be with her.” Crisis averted. “She thought I was being really affectionate.”

Douglas frequently visited Rhode Island from Chicago for business and took up with a side-woman here. One night, I got a call from his hometown girlfriend who’d found a letter from his Providence paramour. The Chicago girlfriend wanted me to explain what was going on.

I had to weasel out of it on Douglas’s behalf, explaining that the Providence woman was, um, let me think – projecting a relationship that didn’t exist? Amazingly, she bought it. Forty years later, Douglas still owes me for that one.

We should give poor Warwick a break, because unsuccessful dating can happen anywhere in the state.

After being divorced, I had a date at what you’d think would be the ultimate Rhode Island locale for things to go smoothly – the restaurant at the Ocean House in Watch Hill. It was roughly halfway for both myself and a woman who was an ad hotshot at ESPN outside Hartford.

I think I blew it when I saw CNN notable John King – a Rhode Island guy – at another table. I excused myself to go chat with him, for probably too long, and the temperature at my own table had cooled when I returned.

Afterward outside, as she climbed into her car, I was about to ask through the window if she wanted to get together again, but before I got the question out, she peeled away, spraying a bit of gravel at my shins. I took that as a maybe.

In closing, I’d love to hear from any Warwick folks about the dating scene there. Is it better than what WalletHub says?

Or are you breaking your wrists swiping left?

mpatinki@providencejournal.com