Rhode Island AG opens investigation into transit authority data breach after ACLU letter

Rhode Island Attorney General Peter Neronha told The Providence Journal on Thursday that he is going to open an investigation into a data breach involving the Rhode Island Public Transit Authority (RIPTA) after outrage grew this week over the agency’s handling of the incident.  

Neronha’s office told the news outlet that they are receiving a high number of calls about the incident, prompting them to look into what happened. 

On December 21, RIPTA sent out a notice saying that August 5 was when they first identified a “security incident” and they eventually discovered that data was exfiltrated from their systems between August 3 and August 5. The files contained information about RIPTA health plans and included Social Security numbers, addresses, dates of birth, Medicare identification numbers and qualification information, health plan member identification numbers and claims information.

They offered victims identity monitoring services through Equifax. The US Department of Health and Human Services breach website indicates that 5,015 people were affected.

But earlier this week, the ACLU of Rhode Island asked RIPTA to explain why the personal information of people with no connection to the agency was included in the data breach.

Local ACLU chapter executive director Steven Brown said they have received complaints from people who got letters from

Read More: https://www.zdnet.com/article/rhode-island-attorney-general-opening-investigation-into-transit-authority-after-data-breach/#ftag=RSSbaffb68