In a wide-ranging interview with Beacon Media on Tuesday, K. Joseph Shekarchi, Speaker of the Rhode Island House of Representatives, said he found out about last week’s cyberattack on the …
This item is available in full to subscribers.
If you are a current print subscriber, you can set up a free website account by clicking here.
Otherwise, click here to view your options for subscribing.
Please log in to continue |
|
In a wide-ranging interview with Beacon Media on Tuesday, K. Joseph Shekarchi, Speaker of the Rhode Island House of Representatives, said he found out about last week’s cyberattack on the RIBridges system, which handles state aid information including SNAP benefits and Medicaid, only a few hours before it became public knowledge on Friday, though he had heard unofficial “rumblings” about the attack the day before.
The attack occurred Dec. 5, and has been claimed by an international ransomware group known as Brain Cipher.
When asked if Gov. Dan McKee’s administration waited until Friday night to acknowledge the attack to try to minimize the impact of the story, Shekarchi said the intent was instead to make sure the hackers could not take any additional data before making the news public.
“[The state’s] justification for this was that if they had alerted the public, they would have alerted the culprits, and they wanted to try to minimize the information [stolen],” Shekarchi said. “I believe they were getting advice from the FBI – they were trying to track the culprit while they were in the system.”
McKee’s office, Shekarchi said, also told WPRI to hold off on reporting the story until after 6:20 p.m. Friday in order to give the state enough time to shut down the system and prevent any more data from being taken, a process that Shekarchi said took roughly two hours. The TV station complied with the request.
Though the personal information of hundreds of thousands of Rhode Islanders was compromised, Shekarchi said the General Assembly was not directly affected by the attack.
“We’re separate from the rest of the state,” Shekarchi said. “We have our own built-in firewall, our own built-in protections – we were unaffected.”
Deloitte, an auditing, consulting, tax and advisory firm that handles the system for RIBridges, has come under intense scrutiny and is already a defendant in class-action lawsuits filed over the incident, and
Shekarchi saying that any damages from the cyberattack should come from the company.
“I’m concerned because Deloitte does not have a good history in being able to execute stuff in the state or protect it, protect that data,” Shekarchi said. “[Monday], there was a class-action lawsuit filed against them, so I think that’s just the beginning … What I would say is that any damages that come as a result of this, and any damages that are needed to correct this or fix this, should all be paid by Deloitte.”
One lawsuit, filed by former state Rep. Peter Wasylyk, is for anticipatory damages, saying that Deloitte had failed to take measures to protect residents who use RIBridges and ensure that its data was protected.
Additionally, Rhode Island’s federal delegation wrote a letter to the Department of Health and Human Services and Department of Agriculture on Tuesday seeking flexibility for Rhode Islanders using or applying for RIBridges programs and ensuring that Rhode Islanders will regain access to those programs.
Comments from the full interview with Shekarchi on a range of topics including housing, schools and the state budget will be published in the next editions of the Warwick Beacon.
Anyone who suspects they may be affected by the cyberattack will find guidance at cyberalert.ri.gov or by calling (833) 918-6603.
Comments
No comments on this item Please log in to comment by clicking here