Ransomware attackers leak stolen Rhode Island private info following hack

News
By published

Brain Cipher leaks RIBridges files

Data leak
(Image credit: Shutterstock/dalebor)
  • RIBridges data has been leaked on the Dark Web
  • The ransomware attack took place on December 5
  • Brain Cipher ransomware group has now claimed responsibility for the attack

The ransomware gang involved in the recent attack against the Rhode Island health coverage, human services, and benefit programs website, RIBridges, has started leaking documents from the attack.

The Brain Cipher ransomware group began leaking documents on its data leak site last week, likely in an effort to exert pressure on RIBridges and the State to pay the ransomware fee.

RIBridges was first targeted on December 5 2024, before the state’s vendor Deloitte confirmed the breach on December 10 after being sent a screenshot of internal systems by the attackers, and informed the state that the attackers had successfully gained access to data and had potentially stolen it.

Article continues below

Data on adults and minors leaked

The data stolen in the attack could include names, addresses, dates of birth, Social Security numbers, and certain banking information, and could affect up to 650,000 individuals who used the RIBridges system.

Cybersecurity researcher Connor Goodwolf downloaded the leaked files and provided several screenshots of folders, with some shown to contain tens of gibibytes of data.

“The ransomware group Brain Cipher has released the breach data from the Deloitte RIBridges hack, containing PII of not just adults but minors,” Goodwolf added in a post on X (formerly Twitter). The screenshots from the site also show a statement from the Brain Cipher group stating, “It seems that it was easier to pay and fix everything.”

Rhode Island’s Governor Daniel McKee confirmed that data from the RIBridges system had been leaked online in a statement, “Deloitte informed us that the cybercriminal released some RIBridges files on the dark web. While IT teams are working diligently to analyze the files, the most important thing Rhode Islanders can do is protect their personal information now.”

Rhode Island state officials have recommended that individuals who believe they may have been affected by the ransomware attack should use the free credit monitoring services being provided by the state to freeze and monitor their credit, and also remain vigilant against potential phishing attacks targeting compromised email addresses.

Via Bleeping Computer

You might also like

Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict is a Senior Security Writer at TechRadar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.