PROVIDENCE – The R.I. House Minority Caucus is urging the Joint Committee on Legislative Services to hold an emergency meeting and order a comprehensive audit of the cyberattack on the RIBridges public-benefits system that led to public data being released on the dark web.
The Republican caucus on Thursday urged the state’s auditor general to thoroughly examine Rhode Island's contracts with Deloitte Consulting LLP, which manages the breached computer system, from 2013 to the present. It should include a detailed review of all state departments, employees and contractors involved in awarding, extending or executing contracts tied to the public-benefits system since its inception. The public benefits system was called the Unified Health Infrastructure Project before being renamed RIBridges.
“Given that a partial review of [the Unified Health Infrastructure Project] was conducted by the attorney general seven years ago, JCLS could alternatively choose to invoke its authority ... to facilitate this process,” the caucus said it its statement. “To ensure transparency, the JCLS should direct the auditor general to use statutory subpoena powers to compel witnesses and gather all relevant testimony and documentation. This audit must uncover the full scope of failures and financial costs associated with this unacceptable misuse of taxpayer funds.”
House Speaker K. Joseph Shekarchi, who serves as chairman of the joint legislative committee, told Providence Business News on Thursday it is premature to conduct an audit.
“I am deeply concerned for the hundreds of thousands of Rhode Islanders who receive these benefits, as well as the providers impacted by the cyberattack of the RIBridges system," Shekarchi said. "However, it would be premature to conduct an audit given the magnitude of this evolving problem with a lot of facts that are still unknown, including Deloitte’s responsibility to address this serious breach and the potential of legal action by the attorney general. There are other options to pursue, including conducting oversight committee hearings in the General Assembly.”
On Dec. 13 Gov. Daniel J. McKee’s office confirmed that hackers accessed RIBridges, an online portal for obtaining social services, including health insurance through HealthSource RI. The online portal was shut down as a precautionary measure.
On Dec. 30, McKee said Deloitte informed his office around 9 a.m. that the ransomware group Brain Cipher released some of the stolen information on the dark web. Officials said the stolen personal data for up to 650,000 individuals included Social Security and bank account numbers, along with information from health insurance received through HealthSource RI.
Security teams are analyzing the released files, but the McKee administration said the full scope of the data that was released remains unclear. They have urged anyone who used the RIBridges system to assume their data has been compromised.
The administration is also working with Deloitte to generate a list of affected individuals and will send letters with instructions on how to access free credit monitoring, it said, adding the latest development does not “yet” mean the information has been used for identity theft purposes.
McKee said he has told Deloitte they should be prepared to cover any out-of-pocket losses the state encumbers from the delay or loss of social services.
The department is aiming to have RIBridges back up live sometime in mid-January.
On Wednesday, HealthSource RI extended call center hours through Jan. 5 to help those affected by the RIBridges cyberattack.
The call center can be reached at 1-855-840-4744 and will be open 8 a.m. to 8 p.m. Thursday and Friday and 9 a.m. to 5 p.m. Jan. 4 and 5. Customers can get help choosing a plan, making a payment and getting information about their account status. The call center is also ready for those who need to choose a plan for 2025 coverage.
(SUBS 4th and 5th paragraphs with comment from House Speaker K. Joseph Shekarchi.)
