On 21 May 2025, the state of Rhode Island revealed the findings of an investigation into a significant cyberattack on its RIBridges system, conducted by CrowdStrike. The analysis highlighted a breach that affected around 644,401 individuals, offering a detailed timeline of events and methods used by the cyberthreat actor.
Key Points
- The RIBridges system manages crucial social service benefits in Rhode Island and was attacked by the Brain Cipher cyberthreat group.
- The breach was identified on December 5, 2024, prompting officials to take the system offline temporarily.
- The cyberthreat actor accessed the environment using stolen Deloitte credentials and maintained access for five months.
- Approximately 644,401 people were affected; however, some notification letters were inaccurately sent to individuals not impacted by the breach.
- Deloitte has pledged $5 million to cover costs related to the breach and preventative measures.
Why should I read this?
If you care about the implications of cybersecurity on public services, this article is a must-read! It gives you the lowdown on a major hack affecting social services in Rhode Island. With so many people involved, understanding what went down and how it could happen again is crucial. We’ve sifted through the details for you, so you can stay informed about the state of data security in critical systems.
