RIBridges Alert

For translation services, please select the "language" button in the upper right hand corner of this web page. Para servicios de traducción, por favor seleccione el botón “language” (idioma) en la esquina superior derecha.

On December 13, 2024, the State was informed by its vendor, Deloitte, that there was a major security threat to RIBridges, the system that manages many of the state’s social services programs. Additionally, Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information.

This is the State of Rhode Island’s dedicated webpage for all the latest information on the breach. We understand this is an alarming situation, and we appreciate your patience as we investigate this matter. We will continue to navigate this challenge together. 

Updates via Facebook Updates via Twitter (X)

Update 12/23/2024: Governor McKee and HealthSource RI Announce New Flexibilities for Plan Selection

Governor Dan McKee and HealthSource RI, the state’s marketplace for affordable health coverage, announced new flexibilities in place to help keep Rhode Islanders connected to coverage for 2025 while the RIBridges system, managed by Deloitte, is temporarily unavailable.

Today HSRI is pleased to announce several flexible options to make sure its customers are covered from January 1st.

  • We have extended Open Enrollment through February 28, so Rhode Islanders will be able pick a plan of their choice through HSRI for an extra month this year, once enrollment through the RIBridges system becomes available. Any plan chosen can be made retroactive to January 1st.
  • We have arranged for customers with an urgent need for January 1st coverage to enroll directly for January and February coverage with HSRI’s longtime insurance carriers, Blue Cross & Blue Shield of Rhode Island and Neighborhood Health Plan of Rhode Island.
  • Once the system becomes available to HSRI customers again, customers will receive information about how to apply for coverage for the remainder of the year through HSRI. This will ensure customers are connected with federal financial assistance in the form of advance premium tax credits for March and beyond.
  • For more information on which customers may benefit from this stopgap option, details on how to enroll, plan options, and how to find assistance, visit healthsourceri.com/covered2025.

HSRI’s customer service team at 1-855-840-4774 will be able to assist customers with questions beginning Thursday, December 26 at 12 noon, as we will be closed Thursday morning to ensure all of our team have completed training on new special coverage rules. Extended customer service hours will also be announced shortly on healthsourceri.com/covered2025.

Aside from these new options for those not yet enrolled, here’s what certain groups of HSRI customers in various stages of the enrollment process should know and can do to keep their coverage: 

  • Coverage will be active for customers whose plan selections for 2025 were already made (through automatic renewal or by taking action to select a plan) and who have either already made a payment or set up auto-payment. They do not need to take any action.
  • Customers in 2024 plans who previously received notice that they were not automatically renewed but needed to take action to select a 2025 plan will be held in the same plans with the same insurance carriers they had been with in 2024. Once RIBridges is restored, they will have an opportunity to adjust their plan if better suited to changes in their income or other. Such changes may be allowed retroactively to January 1 if needed
  • Customers who were automatically renewed but not enrolled in auto-payments or made a manual payment simply need to pay their premium. This guidance is the same for customers who selected a plan by Thursday, December 12 but had not yet paid. They can do so:
    • in person by bringing their barcoded invoice to any CVS except those in Target locations. 
    • in person by depositing a check or money order in a 24/7 drop-box at the HealthSource RI East Providence walk-in center, 401 Wampanoag Trail. 
    • by phone through our call center at 1-855-840-4774.

Update 12/20/2024: Governor McKee Shares Information for Protecting Children’s Credit

Governor Dan McKee has outlined resources available to help parents and families who may be concerned about the security of their children’s credit in light of the recent RIBridges data breach.

“People need to act fast when it comes to protecting their personal information, and for some, that includes keeping an eye on their child’s credit,” said Governor Dan McKee. “Our State is committed to providing timely updates and resources so that Rhode Islanders and their families can take action to secure their credit and data.”

Step-by-step guidance is available through the three major credit reporting agencies:

  • Are My Children at Risk Of Identity Theft? (Equifax)
  • Requesting a Minor's Credit Report, Fraud Alert or Security Freeze (Experian)
  • Child Identity Theft (TransUnion)

Most minors will not yet have a credit file, as minors can only take out loans or credit cards if their parents or their guardians cosign. The state cybersecurity advisor suggests that concerned guardians apply for free credit monitoring for their children based on their children's social security numbers. The monitoring feature will alert a parent or guardian if an attempt to access their child's credit is made. 

For more details and updates regarding the data breach, please visit cyberalert.ri.gov.

Update 12/17: Call Center Hours Extended – Enhancing Customer Service

Today, at Governor Dan McKee’s direction, the RIBridges Data Breach Hotline hours have been extended to operate on weekends as well as weekdays. The hours are Monday through Friday, 9 a.m. to 9 p.m. and Saturday and Sunday, 11 a.m. to 8 p.m. Operated by Experian, the multilingual, toll-free hotline is 833-918-6603.

Additionally, the Department of Human Services has extended the office hours of its Pawtucket office and two Providence offices to 7 p.m. from Tuesday, December 17 to Thursday, December 19. DHS will also extend its call center hours on those days. That call center can be reached at 1-855-697-4347. 

Addresses for the offices are: 

  • 1 Reservoir Avenue 
    Providence, RI 02907 
  • 125 Holden Street 
    Providence, RI 02908 
  • 249 Roosevelt Avenue 
    Pawtucket, RI 02860

Update 12/16/24: 5 Steps to Protect Your Personal Information Today 

Governor McKee issued a public service announcement to encourage potentially impacted Rhode Islanders to take 5 steps to protect their personal information today.  

Update 12/15/24: RIBridges Data Breach Hotline Now Available

  • Phone number: 833-918-6603 

  • Hours:

    • Mondays through Fridays from 9 a.m. to 9 p.m.  

    • Saturday and Sunday from 8:30 a.m. to 7 p.m.

      • NOTE: The Call Center will not be open Christmas Eve and Christmas Day, December 24 and 25, or New Year’s Eve and New Year’s Day, December 31 and January 1.

  • Reference number: The reference number for the Rhode Island incident is B137035. You may be asked for it when you call. 

  • What they can help with: Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their personal information.  Unfortunately, they will not be able to answer questions about state benefits or health care coverage.

  • Can they tell me if I’m impacted?: Unfortunately, while the analysis of the data involved is still happening, call center staff will not be able to confirm if your data is included in the breach at this time.   

  • Households that have had personal information compromised will receive a letter by mail from the State that explains how to access free credit monitoring. 

Governor McKee was joined by a federal cybersecurity expert to share what potentially impacted Rhode Islanders should do now to protect their personal information.  

Steps include credit monitoring, credit freezes and two-factor authentication for financial accounts. See below for five steps you can right now to protect your personal information. 

Watch the press conference:

Update 12/13/24: RIBridges Alert 

On December 13, 2024, the State was informed by its vendor, Deloitte, that there was a major security threat to the RIBridges system. In response, we have proactively taken the system offline so that the State and Deloitte can work to address the threat and restore the system as quickly as possible. Additionally, Deloitte confirmed that there is a high probability that a cybercriminal has obtained files with personally identifiable information from RIBridges.  

 

Details about the Data Breach   

To the best of our knowledge, any individual who has received or applied for state health coverage or health and human services programs or benefits could be impacted by this breach. The programs and benefits managed through the RIBridges system include but are not limited to:    

  • Medicaid     
  • Supplemental Nutrition Assistance Program (SNAP)     
  • Temporary Assistance for Needy Families (TANF)     
  • Child Care Assistance Program (CCAP)     
  • Health coverage purchased through HealthSource RI    
  • Rhode Island Works (RIW)     
  • Long-Term Services and Supports (LTSS)     
  • General Public Assistance (GPA) Program 
  • At HOME Cost Share 

While the analysis of the breach is still underway, unfortunately, Deloitte has indicated that the information involved may include names, addresses, dates of birth and Social Security numbers, as well as certain banking information, but is still assessing the situation. 

What You Can Do 

Households that have had personal information compromised will receive a letter by mail from the State that explains how to access free credit monitoring.  

In response to the RIBridges data breach, Deloitte has contracted with Experian to run a call center which is open:

  • Monday – Friday, 9 a.m. to 9 p.m. 
  • Saturday – Sunday 11 a.m. to 8 p.m.
    • NOTE: The Call Center will not be open Christmas Eve and Christmas Day, December 24 and 25, or New Year’s Eve and New Year’s Day, December 31 and January 1.

Call center staff will be able to provide general information about the breach as well as steps customers can take now to protect their data. Unfortunately, as the analysis of the data involved is still happening, call center staff will not be able to confirm whether a particular individual’s data is or is not included in the breach at this time.  

We are currently unaware of any identity theft or fraud related to this data breach. However, we advise customers to remain vigilant and monitor their accounts for any unauthorized activity. This includes:  

#1: Freeze Your Credit  
Reach out to all three credit reporting agencies to freeze your credit. This is free and means no one else can take out a loan or establish credit in your name. You won’t lose access to your money or credit cards. You can lift the freeze at any time. 

#2: Monitor Your Credit 
Contact one of the three credit reporting agencies to order a free credit report. You can also access a free credit report through AnnualCreditReport.com. 

#3: Request a Fraud Alert  
Ask one of the credit reporting agencies to place a fraud alert on your files. This is free and lets creditors know to contact you before any new accounts can be opened in your name. Asking one agency to do this will cover this step for all three agencies. 

#4 Use Multifactor Authentication  
This means instead of having just one password to access your information, you have a safety backup to help prove that it’s really you before you can log into your account.  

#5 Be Aware   
Because of the breach, you may receive fake emails, phone calls or texts that look legitimate. Remember, never share personal information – such as your social security number, date of birth or password – through an unsolicited e-mail, call or text.

 

Credit Rating Agencies

Credit Bureau  

Equifax  

Experian  

TransUnion  

Online   

https://www.equifax.com/personal/credit-report-services   

https://www.experian.com/help/  

https://www.transunion.com/customer-support/   

By Phone   

1-888-298-0045  

1-888-397-3742  

1-800-916-8800  

By Mail: Fraud Alert (alerting one alerts them all)  

Equifax Fraud Alert, P.O. Box 105069, Atlanta GA 30348-5069  

Experian Fraud Alert, P.O. Box 9554, Allen TX, 75013  

TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016  

By Mail: Credit Freeze (each bureau must be alerted individually)  

Equifax Credit Freeze Alert, P.O. Box 105788, Atlanta GA 30348-5788  

Experian Credit Freeze, P.O. Box 9554, Allen TX, 75013  

TransUnion Credit Freeze, P.O. Box 160, Chester, PA 19094 

Updates on Restoring RIBridges Forthcoming  

We will provide updates as the State continues to address the situation. At this time, the State and Deloitte are focused on addressing the threat.   

Information about Customer Accounts and Applying for Benefits

We understand this is an alarming situation for our customers. Current customers will not be able to log into their account through the portal or the mobile app while the system is offline. Updates will be made available on this webpage. 

Rhode Islanders seeking to apply for benefits can still submit a paper application. The application and instructions can be found online under “Apply by Mail” at https://dhs.ri.gov/apply-now   

Details about the Threat 

On December 5, the State was informed by its vendor, Deloitte, that the RIBridges data system was the target of a potential cyberattack. At that time, it was unclear if any sensitive information was breached. At that time, appropriate federal law enforcement and agencies were notified, as well as the Rhode Island State Police.  

After consultation with our state IT department, Deloitte immediately implemented additional security measures and started to assess the threat. It was important, for security reasons, to keep this knowledge internal until we could secure the RIBridges system. At the same time, our team began an investigation into what data may have been compromised, and how a possible attack was able to occur.    

On December 10, the State received confirmation from Deloitte that there had been a breach of the RIBridges system based on a screenshot of file folders sent by the hacker to Deloitte. On December 11, Deloitte confirmed that there is a high probability that the implicated folders contain personally identifiable information from RIBridges. On December 13, Deloitte confirmed there was malicious code present in the system, and the State directed Deloitte to shut RIBridges down to remediate the threat.  State police and federal law enforcement are involved in an advisory capacity and no further leads have been provided.