- Rhode Island finalized a $12M settlement with Deloitte over the December 2024 ransomware attack.
- The Brain Cipher gang exposed data of 650,000 people who use the RIBridges benefits system.
- Deloitte denied wrongdoing but paid $5M initially plus $7M more in the final agreement.
Insurance Journal reports that Rhode Island Governor Dan McKee announced the state has finalized a $12M settlement with Deloitte Consulting LLP over the December 2024 ransomware attack that shuttered RIBridges. The attack forced the state’s benefits administration site offline and exposed private information of more than 650,000 people.
The incident underscores the critical importance of robust cybersecurity measures in protecting sensitive government and citizen data. As ransomware attacks continue to evolve in sophistication, public-private partnerships are becoming essential for defense and response.
Organizations must implement comprehensive security frameworks that include regular vulnerability assessments, employee training, and incident response plans. The financial costs of breaches extend far beyond immediate ransom payments to include regulatory fines, legal settlements, and long-term reputational damage.
Deloitte paid the state $5M in February 2025 to compensate for the attack, according to Insurance Journal. Under the final agreement, Deloitte agreed to pay an additional $7M, bringing the total direct financial recovery to $12M.
“The agreement ensures that the state receives additional financial support while also capturing significant value in additional technological enhancements and operational support services during system restoration,” said Thomas Verdi, acting director of the Department of Administration, Insurance Journal reports.
Government Contractor Liability
The settlement highlights the growing financial and reputational risks organizations face when cybersecurity incidents expose sensitive personal data. State regulators are increasingly holding third-party vendors accountable for breaches that occur on their watch.
Deloitte faced several lawsuits alleging negligence in the ransomware attack, Insurance Journal notes. The company denied any wrongdoing but agreed to a $6.3M class action settlement that a federal court approved in January 2026.
The original $5M payment helped defray costs for approximately 2,000 HealthSource RI customers enrolled directly in coverage for January and February 2025, according to Insurance Journal. Deloitte also provided $6M worth of system enhancements, operational support, and business continuity services outside its contract scope.
RIBridges provides access to Medicaid, SNAP, TANF, Child Care Assistance, HealthSource RI, and other public assistance programs. Customers were unable to log into accounts through the portal or mobile app while the system was offline.
The Brain Cipher international ransomware gang was behind the breach, Deloitte indicated. Similar attacks have hit healthcare providers, while ransomware continues to plague organizations across sectors.
Cybersecurity Response
Ransomware attacks have increased in frequency and sophistication over the past year. The Brain Cipher gang has targeted multiple organizations across different sectors, exploiting vulnerabilities in legacy systems and unpatched software.
Government agencies are particularly vulnerable due to outdated infrastructure and limited cybersecurity budgets. The Rhode Island attack demonstrates the need for increased investment in cybersecurity defenses and incident response capabilities.
The settlement was finalized on May 4, 2026.