Ransomware attackers leak stolen private information from Rhode Island after hack
- RIBridges data has been leaked on the Dark Web
- The ransomware attack took place on December 5
- The ransomware group Brain Cipher has now claimed responsibility for the attack
The ransomware gang involved in the recent attack on Rhode Island’s health, human services and benefits program website RIBridges has begun leaking documents about the attack.
The ransomware group Brain Cipher began leaking documents on its data breach site last week, likely in an attempt to pressure RIBridges and the state to pay the ransomware costs.
RIBridges was first attacked on December 5, 2024, before state vendor Deloitte confirmed the breach on December 10 after the attackers received a screenshot of internal systems, informing the state that the attackers had successfully accessed and potentially compromised data had stolen. .
Data about adults and minors has been leaked
The data stolen in the attack may include names, addresses, dates of birth, social security numbers and certain banking information, and could affect up to 650,000 individuals who used the RIBridges system.
Cybersecurity researcher Connor Goodwolf downloaded the leaked files and provided several screenshots of folders, some of which contained tens of gigibytes of data.
“Ransomware group Brain Cipher has released the breach data from the Deloitte RIBridges hack, which includes PII from not only adults but also minors,” Goodwolf added in a post on X (formerly Twitter). The site’s screenshots also show a statement from the Brain Cipher group saying, “Looks like it was easier to pay for and fix everything.”
Rhode Island Governor Daniel McKee confirmed that data from the RIBridges system had been leaked online in a statement“Deloitte informed us that the cybercriminal has released some RIBridges files on the dark web. While IT teams work hard to analyze the files, the most important thing Rhode Islanders can do now is protect their personal information.”
Rhode Island state officials have recommended that individuals who believe they may have been affected by the ransomware attack should take advantage of the free credit monitoring services offered by the state to freeze and monitor their credit, as well as remain vigilant against possible phishing attacks targeting compromised email addresses. .
Via Beeping computer