The Mind Cipher ransomware gang has begun to leak paperwork stolen in an assault on Rhode Island’s “RIBridges” social companies platform.
RIBridges is an built-in eligibility system (IES) utilized by the state to handle and ship social help applications, together with healthcare, meals help, baby care, and different companies.
Rhode Island first discovered that RIBridges was the goal of an assault on December 5 after being notified by its vendor, Deloitte. Nevertheless, it wasn’t till December 10 that it was confirmed that risk actors gained entry to the system and certain stole information.
“On December 10, the State obtained affirmation from Deloitte that there had been a breach of the RIBridges system primarily based on a screenshot of file folders despatched by the hacker to Deloitte,” reads a press release from the federal government.
“On December 13, Deloitte confirmed there was malicious code current within the system, and the State directed Deloitte to close RIBridges right down to remediate the risk.” continued the assertion.
Final week, the Mind Cipher ransomware gang started leaking among the stolen information on its information leak web site.
Cybersecurity researcher Connor Goodwolf downloaded the info and claims it incorporates the non-public information of each adults and minors.
“The ransomware group Mind Cipher has launched the breach information from the Deloitte RIBridges hack, containing PII of not simply adults however minors,” tweeted the researcher.
Primarily based on screenshots shared by GoodWolf, the stolen information encompass quite a few archives containing what look like Oracle databases, backups, and different information.
Goodwolf was beforehand sued by the Metropolis of Columbus for sharing samples of information stolen from the Metropolis’s IT community and leaked by the Rhysida ransomware gang. That lawsuit has since been dismissed.
In a press release launched earlier this week, Governor McKee confirmed that some information was launched on the darkish net.
“Deloitte knowledgeable us that the cybercriminal launched some RIBridges information on the darkish net. Whereas IT groups are working diligently to research the information, a very powerful factor Rhode Islanders can do is shield their private data now,” tweeted McKee.
It’s believed that roughly 650,000 folks had been impacted by the breach and will have had their names, addresses, dates of start, Social Safety numbers, and sure banking data uncovered within the assault.
As a consequence of this information’s delicate nature, state officers advise Rhode Islanders to freeze and monitor their credit score for fraudulent exercise. It is usually suggested to be looking out for focused phishing scams using the stolen information which will try and steal additional data.
Mind Cipher is a ransomware gang that started conducting assaults in June 2024, with the group gaining media consideration after it attacked Indonesia’s non permanent Nationwide Knowledge Heart.
The ransomware gang makes use of an encryptor created utilizing the leaked LockBit 3.0 builder and makes use of an information leak web site to extort victims into paying a ransom demand.
Presently, the Mind Cipher information leak web site is offline and the leaked information isn’t accessible. Nevertheless, their Tor negotiation web page continues to work, probably indicating that the info leak web site is underneath a DDoS assault to forestall the dissemination of stolen information.