On December 13, 2024, the State of Rhode Island (“Rhode Island”) posted a website after learning that Deloitte, a vendor the State uses to help manage RIBridges, experienced a data breach. In this notice, Rhode Island explains that the incident may have resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, dates of birth, Social Security numbers, and banking information. This incident is still under investigation; however, once the investigation is complete, Deloitte or Rhode Island will begin sending data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notification from Deloitte or the State of Rhode Island, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following a possible RIBridges data breach. For more information, please see our recent piece on the topic here.
What Caused the RIBridges Data Breach?
The RIBridges data breach was only recently announced, and more information is expected in the near future. However, the State of Rhode Island has released several press releases that provide important information on what led up to the incident. Prior to these releases, Deloitte had mentioned that one of its clients had experienced a data breach, although, at the time, Deloitte did not mention the client was RIBridges.
According to the Rhode Island press releases, on December 13, 2024, Deloitte informed Rhode Island that there was a “major security threat to RIBridges,” which is the system that manages many of Rhode Island’s social services programs. As a result, Deloitte explained that there was a “high probability” that hackers were able to obtain confidential consumer information belonging to certain Rhode Islanders.
According to Deloitte’s investigation, the incident affected many of the programs and benefits managed through the RIBridges system, including:
- At HOME Cost Share
- Child Care Assistance Program (CCAP)
- General Public Assistance (GPA) Program
- Health coverage purchased through HealthSource RI
- Long-Term Services and Supports (LTSS)
- Medicaid
- Rhode Island Works (RIW)
- Supplemental Nutrition Assistance Program (SNAP)
- Temporary Assistance for Needy Families (TANF)
While the investigation is still underway, Deloitte has indicated that the information involved may include your name, address, date of birth, Social Security number, and banking information.
Rhode Island indicated that it will be sending out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Deloitte
Deloitte is a global professional services firm that provides audit, consulting, tax, and advisory services to clients across various industries. Headquartered in London, Deloitte operates in over 150 countries and serves businesses ranging from multinational corporations to government agencies and nonprofit organizations. The firm specializes in areas such as strategy, risk management, technology solutions, and financial advisory to help clients address complex challenges and drive growth. With a workforce of over 460,000 people worldwide, Deloitte generates annual revenues exceeding $67 billion, making it one of the largest professional services networks in the world.
