If you are a Rhode Island resident who recently applied for government assistance through RIBridgesthere is a high possibility that your personal data has been compromised in a recent data breach.

Hackers stole RIBridges account holder’s names, date of birth, Social Security numbers and bank information, according to government officials. On Tuesday, the cybercriminal group responsible for the attack, Brain Cipherholds the data ransom and so threatening to leak it on the dark web.

If you have received the following benefits since the launch of RIBridges in 2016, your data may be at risk:

• Medicaid Supplemental Nutrition Assistance Program
• Temporary Assistance for Needy Families
• Child Care Assistance Program
• Health coverage purchased through HealthSource
• RI Rhode Island Works
• Long-Term Service and Support
• General Public Assistance Program Regarding Household Costs

“State government agencies are often considered the low-hanging fruit because they may lack the most sophisticated cybersecurity protections but have the most valuable information that criminals want,” James Lee, COO at the Identity Theft Resource Center, told CNET in an email.

RIBridges’ online portal, run by Deloitte, has been temporarily shut down while authorities work to fix the threat. Deloitte confirmed the breach on December 11, which is believed to have affected hundreds of thousands of residents.

Deloitte, which works with over 25 US statestold news outlets that only RIBridges’ systems were compromised in the Brain Cipher attack. The company did not immediately respond to CNET’s requests for comment.

“After consultation with our state IT department, Deloitte immediately implemented additional security measures and began investigating the threat,” the The governor’s office said in a statement on its website.

If you have been affected by this breach, you will be notified in the coming weeks and will receive access to identity theft and credit monitoring services paid for by Deloitte, state officials said at a press conference in December. 14.

For the latest information on infringement, you can visit cyberalert.ri.gov

What should I do if I am affected by the RIBridges hack?

If your data is compromised in a cyberattack, it is possible that your personal identification data may be leaked to the dark web and you may experience fraud. There are steps you can take to help protect your identity and potentially stop identity thieves in their tracks.

In one short video posted December 16, Rhode Island Gov. Daniel McKee, outlined a few steps residents can take to limit the consequences of a data breach. As a cybersecurity editor, I’ve added some more helpful steps to this list to lock down any sensitive data.

Update your password

You should change your RIBridges account password as soon as possible. If you use the same password on other accounts, change those passwords as well.

Set up multi-factor authentication

Multi-factor authentication is a great way to protect your accounts from scammers trying to commit fraud. After you login to an account, the website or mobile app will send a verification code via email or text to confirm that you are actually logged into the account.

A new one A CNET survey found that 41% of US adults enrolled in two-factor authentication after their data was compromised in a data breach.

Request copies of your credit reports

It should be you ask for copies of your credit report from each credit bureau and review it for any errors or accounts you didn’t open. It’s a good idea to do this several times a year, especially if you know your personal data has been compromised in a breach.

You can request free copies of your credit report every week at annualcreditreport.com.

Freeze your credit reports

McKee advises residents to contact all three credit reporting agencies (Experian, TransUnion and Equifax) and freeze their credit. Freezing your credit ensures that no one can open a new line of credit in your name and place the debt against you. credit score. To apply for credit on your own, however, you must temporarily unfreeze or “thaw” your credit.

“Freezing your credit can be done online in a minute on a smartphone or computer,” Lee said.

On the other hand, you can put fraud alerts on your credit reports, notifying you if someone tries to access your credit profile. However, fraud alerts only last for 12 months and will not block access to your creditor reports. This can be a good option if you expect to apply for credit soon and just want to be notified before an account is opened in your name.

See phishing attacks

If your personal data has been leaked in a breach, you are likely to start receiving phishing attempts from scammers looking to get into your financial accounts or obtain more personal information.

These scams can happen via text, email and phone and can take many forms — from nondelivery package scams and fake job opportunities in cryptocurrency scams.

Do not provide your personal information including your SSN and passport number through any unsolicited communication.

Sign up for identity theft protection

RIBridges account holders affected by this breach will receive free identity theft protection services paid for by Deloitte.

When the free coverage period ends, you may want to consider sign up for continuous coverage yourself.