- RIBridges data has been leaked on the Dark Web
- The ransomware attack took place on December 5.
- Brain Cipher ransomware group has now claimed responsibility for the attack
The ransomware gang involved in the recent attack on Rhode Island health coverage, human services and benefits programs website RIBridges has begun leaking documents from the attack.
The Brain Cipher ransomware group began leaking documents on its data breach site last week, likely in an effort to put pressure on RIBridges and the State to pay the ransomware fee.
RIBridges was first attacked on December 5, 2024, before state provider Deloitte confirmed the breach on December 10 after the attackers sent it a screenshot of internal systems and informed the state that the attackers had successfully gained access to the data and potentially had it stolen. .
Data on adults and minors is leaked
The data stolen in the attack could include names, addresses, dates of birth, Social Security numbers and certain banking information, and could affect up to 650,000 people who used the RIBridges system.
Cybersecurity researcher Connor Goodwolf downloaded the leaked files and provided several screenshots of folders, some of which contain tens of gibibytes of data.
“The Brain Cipher ransomware group has released breach data from the Deloitte RIBridges hack, which contains personal information not only of adults but also minors,” Goodwolf added in a post on X (formerly Twitter). Screenshots of the site also show a statement from the Brain Cipher group that reads: “It seems like it was easier to pay and fix everything.”
Rhode Island Governor Daniel McKee confirmed in a statement that data from the RIBridges system had been leaked online: “Deloitte informed us that the cybercriminal released some RIBridges files on the dark web. While IT teams work diligently to analyze the files, the most important thing Rhode Islanders can do is protect their personal information now.”
Rhode Island state officials have recommended that people who believe they may have been affected by the ransomware attack use the free credit monitoring services provided by the state to freeze and monitor their credit, and also remain vigilant against potential attacks. phishing attacks aimed at compromised email addresses. .
Through ringing computer
