No Data Breached in Rhode Island Malware Incident
In the Rhode Island malware incident, which affected several hundreds of systems, no data has been compromised as per recent reports; reports also say that the malware attack had impacted three state departments.
It was on May 31 that the malware incident was discovered. As per reports, the incident had impacted three state departments, namely Department of Children, Youth and Families, Department of Human Services and Department of Behavioral Healthcare, Developmental Disabilities and Hospitals.
The Providence Journal reported, on June 3- “Devices at three state agencies were infected with malicious software over the weekend, but there is no evidence indicating that personally identifiable data was breached, according to a statement from Brenna McCabe, spokeswoman for the Rhode Island Department of Administration.”
The report further said- “The Department of Children, Youth and Families, Department of Human Services and Department of Behavioral Healthcare, Developmental Disabilities and Hospitals experienced technical issues Friday and the state’s information technology and cybersecurity teams confirmed that malware was to blame, the statement says.”
Channel 12 WPRI news quotes Rhode Island’s Chief Digital officer Bijay Kumar as saying- “In this case, we believe this could be through a generic phishing attack, clicking on a link in an email, just an external site which is clicked. We did some proactive upgrades and have since mitigated the issue.”
Channel 12 WPRI news also reports- “Kumar said out of the state’s 10,000 devices, fewer than 400 were affected by malware.”
The malware, which reportedly came via a phishing email, caused technical issues after crashing some state computers. The service disruptions, however, were minimal, as per reports and it didn’t affect business hours or first-of-the-month benefits payments.
Chief Digital Officer Bijay Kumar had told Channel 12 WPRI news that only the smaller PCS with lower processing power had crashed in the state agencies and that there was no other impact. He also clarified that there had been no data breaches and that monitoring was on to check for any further issues.
The EMA (Emergency Management Agency) and the Rhode Island State Police and National Guard were notified of the malware issue. Bijay Kumar told Channel 12 WPRI news- “We take security very seriously, so we always like to err on the safer side of security so we talked to the National Guard, state police, as well as EMA to make sure we don’t leave any stone unturned to keep our system secure.”
This malware incident adds Rhode Island to the list of places where similar incidents and breaches have impacted local-level agencies in the last six months.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.