Confusing data breach in Rhode Island leads to AG investigation
On Thursday, the Rhode Island Attorney General Peter Neronha announced that he plans to open an investigation into a recent data breach involving the Rhode Island Public Transit Authority (RIPTA). The announcement comes after criticism and controversy over the way the agency handled the incident. Neronha reported that the Rhode Island government was receiving a high number of calls regarding the incident, prompting them to take further action.
RIPTA issued a notice regarding the attack on December 21, however, it initially detected a security incident on August 5. Later on, RIPTA discovered that the data was exfiltrated from their systems between August 3 and 5. Attackers stole files containing information about RIPTA health plans and accessed Social Security numbers, addresses, dates of birth, Medicare identification numbers, health plan member identification numbers, and claims information. Overall, it has been reported by the US Department of Health and Human Services that 5,015 people were affected.