Footnotes in CrowdStrike’s forensics report offer troubling details of Deloitte’s handling of incident logs.
Rhode Island Current reports that the attack on RIBridges triggered hundreds of firewall alerts during the five months that attackers were in the network and were transferring gigabytes of data. But the state’s vendor, Deloitte, did not know the system had been hacked until the Brain Cipher gang publicly disclosed the attack.
“Deloitte missed some issues that we certainly hold them responsible for,” Gov. Dan McKee said at a Thursday morning press conference. “We also want to make sure that people know that we will pursue all avenues in our efforts to ensure accountability.”
One of the things Deloitte appears to have missed was its own incident logs, according to the long-awaited RIBridges forensic report by CrowdStrike from Dec. 16, 2024, to Jan. 31, 2025, and finally released to the public in an abbreviated form Thursday morning.
Read more at Rhode Island Current. The reporting also includes details of the attack and what CrowdStrike was, and wasn’t, able to determine.
