The Mind Cipher ransomware gang has begun to leak paperwork stolen in an assault on Rhode Island’s “RIBridges” social providers platform.
RIBridges is an built-in eligibility system (IES) utilized by the state to handle and ship social help applications, together with healthcare, meals help, baby care, and different providers.
Rhode Island first discovered that RIBridges was the goal of an assault on December 5 after being notified by its vendor, Deloitte. Nonetheless, it wasn’t till December 10 that it was confirmed that menace actors gained entry to the system and certain stole knowledge.
“On December 10, the State acquired affirmation from Deloitte that there had been a breach of the RIBridges system primarily based on a screenshot of file folders despatched by the hacker to Deloitte,” reads an announcement from the federal government.
“On December 13, Deloitte confirmed there was malicious code current within the system, and the State directed Deloitte to close RIBridges all the way down to remediate the menace.” continued the assertion.
Final week, the Mind Cipher ransomware gang started leaking a number of the stolen knowledge on its knowledge leak website.
Cybersecurity researcher Connor Goodwolf downloaded the info and claims it comprises the private knowledge of each adults and minors.
“The ransomware group Mind Cipher has launched the breach knowledge from the Deloitte RIBridges hack, containing PII of not simply adults however minors,” tweeted the researcher.
Based mostly on screenshots shared by GoodWolf, the stolen recordsdata include quite a few archives containing what seem like Oracle databases, backups, and different knowledge.
Goodwolf was beforehand sued by the Metropolis of Columbus for sharing samples of information stolen from the Metropolis’s IT community and leaked by the Rhysida ransomware gang. That lawsuit has since been dismissed.
In an announcement launched earlier this week, Governor McKee confirmed that some knowledge was launched on the darkish internet.
“Deloitte knowledgeable us that the cybercriminal launched some RIBridges recordsdata on the darkish internet. Whereas IT groups are working diligently to research the recordsdata, crucial factor Rhode Islanders can do is shield their private data now,” tweeted McKee.
It’s believed that roughly 650,000 folks have been impacted by the breach and should have had their names, addresses, dates of beginning, Social Safety numbers, and sure banking data uncovered within the assault.
As a result of this knowledge’s delicate nature, state officers advise Rhode Islanders to freeze and monitor their credit score for fraudulent exercise. Additionally it is suggested to be looking out for focused phishing scams using the stolen knowledge that will try to steal additional data.
Mind Cipher is a ransomware gang that started conducting assaults in June 2024, with the group gaining media consideration after it attacked Indonesia’s short-term Nationwide Information Heart.
The ransomware gang makes use of an encryptor created utilizing the leaked LockBit 3.0 builder and makes use of an information leak website to extort victims into paying a ransom demand.
Presently, the Mind Cipher knowledge leak website is offline and the leaked knowledge will not be accessible. Nonetheless, their Tor negotiation web page continues to work, probably indicating that the info leak website is beneath a DDoS assault to stop the dissemination of stolen knowledge.
