UnitedHealthcare and Rhode Island Public Transit Authority: ‘It’s legit’: RI workers getting more than expected from data breach settlement

Rhode Island State Employees Receive Settlement Payments After 2021 Data Breach

Current and former Rhode Island state employees have begun receiving payments from a settlement tied to a 2021 data breach involving the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare. The breach, attributed to a hacker group with Russian ties, exposed the personal and healthcare information of approximately 20,000 public employees.

In August 2021, RIPTA paid a $170,000 ransom to the hackers. A subsequent class-action lawsuit, filed by the ACLU of Rhode Island in 2022, alleged that both RIPTA and UnitedHealthcare failed to adequately protect or destroy sensitive employee data. The case was settled last year, with affected workers eligible for compensation.

Claimants could request reimbursement for out-of-pocket expenses (up to $1,000), lost time (up to $60 for four hours), and extraordinary losses such as identity theft or fraud (up to $7,500). Additionally, five years of credit monitoring valued at approximately $840 per person was offered, though it remains unclear how many employees utilized the service.

Initial estimates suggested average payouts of around $100 per person, but fewer claims than expected led to higher-than-anticipated distributions, averaging over $400 per claimant. Some recipients expressed skepticism about the legitimacy of the payments, prompting assurances from class-action attorney Peter Wasylyk, who confirmed the funds were valid.

The settlement underscores the financial and operational fallout of the breach, which compromised sensitive employee data and resulted in significant ransom demands. The case highlights ongoing vulnerabilities in public-sector cybersecurity and the legal consequences of inadequate data protection measures.

Source: https://www.wpri.com/target-12/its-legit-ri-workers-getting-more-than-expected-from-data-breach-settlement/

UnitedHealthcare TPRM report: https://www.rankiteo.com/company/unitedhealthcare

Rhode Island Public Transit Authority TPRM report: https://www.rankiteo.com/company/rhode-island-public-transit-authority

"id": "unirho1769235537",
"linkid": "unitedhealthcare, rhode-island-public-transit-authority",
"type": "Breach",
"date": "8/2021",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '20,000 public employees',
                        'industry': 'Public Transportation',
                        'location': 'Rhode Island, USA',
                        'name': 'Rhode Island Public Transit Authority (RIPTA)',
                        'type': 'Government Agency'},
                       {'customers_affected': '20,000 public employees',
                        'industry': 'Healthcare',
                        'location': 'USA',
                        'name': 'UnitedHealthcare',
                        'type': 'Private Company'}],
 'customer_advisories': 'Settlement payments and credit monitoring offered to '
                        'affected employees',
 'data_breach': {'number_of_records_exposed': '20,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal and healthcare '
                                             'information'},
 'date_detected': '2021-08',
 'description': 'Current and former Rhode Island state employees have begun '
                'receiving payments from a settlement tied to a 2021 data '
                'breach involving the Rhode Island Public Transit Authority '
                '(RIPTA) and UnitedHealthcare. The breach, attributed to a '
                'hacker group with Russian ties, exposed the personal and '
                'healthcare information of approximately 20,000 public '
                'employees.',
 'impact': {'brand_reputation_impact': 'Significant',
            'data_compromised': 'Personal and healthcare information',
            'financial_loss': '$170,000 (ransom paid)',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Class-action lawsuit settlement'},
 'investigation_status': 'Settled',
 'lessons_learned': 'Ongoing vulnerabilities in public-sector cybersecurity '
                    'and the legal consequences of inadequate data protection '
                    'measures.',
 'motivation': 'Financial gain',
 'post_incident_analysis': {'corrective_actions': 'Settlement payments, credit '
                                                  'monitoring, and '
                                                  'reimbursement for '
                                                  'out-of-pocket expenses',
                            'root_causes': 'Inadequate protection or '
                                           'destruction of sensitive employee '
                                           'data'},
 'ransomware': {'ransom_paid': '$170,000'},
 'references': [{'source': 'Class-action lawsuit settlement'}],
 'regulatory_compliance': {'legal_actions': 'Class-action lawsuit filed by '
                                            'ACLU of Rhode Island'},
 'response': {'communication_strategy': 'Settlement payments and advisories to '
                                        'affected employees'},
 'threat_actor': 'Hacker group with Russian ties',
 'title': 'Rhode Island State Employees Data Breach Settlement',
 'type': 'Data Breach, Ransomware'}