The Brain Cipher ransomware group has initiated the release of stolen documents from Rhode Island’s RIBridges social services platform, a critical system managing various social assistance programs including healthcare, food assistance, and childcare services.
Timeline of the Attack:
– December 5: Initial attack notification received from Deloitte
– December 10: Confirmation of system breach and data theft
– December 13: Malicious code discovered, leading to system shutdown
– Recent: Data leaks began appearing on dark web
Impact and Scope:
– Approximately 650,000 individuals affected
– Compromised data includes:
– Names
– Addresses
– Dates of birth
– Social Security numbers
– Banking information
– Personal information of both adults and minors
Technical Details:
– Stolen files contain Oracle databases and backups
– Brain Cipher utilized LockBit 3.0 builder for their encryption tool
– Group’s data leak site currently offline, though negotiation page remains functional
Response and Recommendations:
– Governor McKee confirmed the data release
– State officials advise residents to:
– Freeze credit
– Monitor accounts for suspicious activity
– Be vigilant against potential phishing attempts
Background on Brain Cipher:
– Operations began in June 2024
– Gained notoriety after attacking Indonesia’s National Data Center
– Uses data leak sites for ransom negotiations