Cyber Incident Victim: Rhode Island Department of Human Services
Date:
Jun 2018
Location:
United States of America
Summary
Several Rhode Island state agencies, including the Department of Human Services, experienced technical disruptions due to a malware attack affecting their systems. While operational challenges occurred, officials confirmed no evidence of compromised personal data and assured that critical monthly payments remained unaffected. Response efforts involved coordination between state police, the National Guard, and emergency management teams to contain the threat. Minor service interruptions persisted temporarily, but all impacted departments maintained operations and reopened as scheduled, with customers advised to expect brief delays during recovery.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around June 1, 2018, multiple Rhode Island state agencies experienced technical disruptions due to a malware attack. The affected entities included the Department of Human Services, the Department of Children, Youth and Families, and the Department of Behavioral Healthcare. The incident occurred on a Friday, causing operational difficulties across these agencies. Officials confirmed the disruptions stemmed from an online malware threat but did not identify the specific type or origin of the malicious software. While systems were compromised enough to cause service interruptions, state authorities explicitly stated no evidence indicated unauthorized access to or exfiltration of personal data. Critical payment systems remained functional throughout the incident, with monthly benefit distributions to recipients unaffected by the attack.
State police, the Rhode Island National Guard, and the Emergency Management Agency coordinated containment efforts to mitigate the malware's spread and impact. Officials publicly requested patience from agency customers, acknowledging that minor service disruptions would likely persist temporarily despite remediation efforts. All affected departments maintained their planned operating schedules, confirming they would reopen for regular business hours the following Monday. The public communications emphasized maintaining essential services while containing the threat, though technical recovery specifics and long-term forensic findings were not disclosed in the initial reports. No additional state agencies beyond the three named departments were confirmed as impacted in the immediate aftermath of the incident.