RelatedWhat we know so far about the cyberattack on R.I.'s benefits system
For more than a week, however, officials have already been urging those who have relied on, or have even only applied to the public assistance services tied to RIBridges in recent years, to take steps to safeguard their personal information. They have suggested freezing their credit and changing their passwords, among other precautionary measures.
The full list of programs known to be affected by the breach is broad: Medicaid, Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), Childcare Assistance Program, HealthSource RI, Rhode Island Works, Long-Term Services and Supports, General Public Assistance, and At HOME Cost Share are all believed to have been impacted.
The breach has sent officials scrambling to develop backup enrollment plans, some of which were detailed further on Monday.
McKee said RIBridges will remain shut down until sometime in January, but stressed those enrolled in SNAP or Temporary Assistance for Needy Families should expect to see funds appear on their EBT card "without a problem."
"There is no need to worry that your benefits will be terminated," McKee said. "There will be no terminations while the system is still down."
HealthSource RI, the state's health care exchange, will extend its open enrollment period through Feb. 28, and will give customers the option for retroactive medical insurance coverage dating back to Jan. 1, according to Lindsay Lang, the director of that program.
For those who require insurance coverage starting on Jan. 1, a call center at 1-855-840-4774 will be available to provide assistance beginning at 12 p.m. on Thursday, Lang said.
"While our system is down, we have a temporary program to ensure that Rhode Islanders with an urgent need for health coverage, starting on Jan. 1, are able to enroll through either of our two health insurance carriers, Neighborhood Health Plan of Rhode Island or Blue Cross, Blue Shield of Rhode Island for the months of January and February," Lang said. "Those enrolled in this direct option will not be responsible for premiums, and carriers are working to limit out of pocket costs like co-pays and deductibles that you incur during that time."
Lang said a webpage at www.healthsourceri.com/cover2025 would be available later Monday afternoon with additional information.
According to Lang, most of HealthSource RI's customers auto-renewed their policies or chose a plan prior to when RIBridges was shut down this month. Those who have not paid so far can do so before the end of the year by phone, in person, or at any CVS location (excluding locations inside Target stores) by bringing the barcode from their health insurance bill.
"Further, we've been working with our carrier partners to ensure that any existing 2024 customer who has not already renewed are temporarily kept in their existing health insurance plans, and once the system becomes available, those customers will be able to make any plan selection that they like for the remainder of 2025," Lang added.
Kimberly Merolla-Brito, director of the state Department of Human Services, said the agency is set to "to distribute all scheduled benefits for the first of the year on time and through normal distribution channels."
"No benefits will be terminated in December, ensuring uninterrupted support for all of programs, including our Supplemental Nutrition Assistance Program, child care, general public assistance, Medicaid, and Rhode Island Works," Merolla-Brito said.
DHS has reverted to paper processing for new benefit applications as well as re-certifications and reported changes while the system remains shut down, according to officials.
Hackers sent Deloitte, the state's vendor that oversees the system, a screenshot of file folders with identifiable personal data on Dec. 10, officials have said.
The group, Brain Cipher, has claimed responsibility for the attack and has demanded a ransom, officials have said. McKee and state officials have said they believe the group could release the stolen data onto the "dark web" at any time.
Brian Tardiff, the state's chief digital officer, told reporters on Monday officials have "no indications or reports from Deloitte that the information has been released on the dark web."
But he added: "I think it's important to remember that the data has been taken already, and just because the bad actors are saying they have not released it doesn't mean that this information is not already on the dark web."