PROVIDENCE, R.I. (AP) — A data breach at Rhode Island's public transit agency that compromised the personal information of more than 17,000 people is now under review by the state attorney general's office, officials said Thursday.

The office is “reviewing this incident to determine whether the entities involved have complied with state laws regarding notification and safeguarding of personal information in their custody,” Kristy dosReis, a spokesperson for Attorney General Peter Neronha, told The Providence Journal.

The American Civil Liberties Union of Rhode Island this week sent a letter to the Rhode Island Public Transit Authority demanding to know why people affected by the breach were not notified until Dec. 23 even though it was first discovered in August; why the information of state employees who do not work for the agency or who don't use the bus service was compromised; and why the federal government says more than 5,000 people were affected by the breach, but RIPTA puts that number at more than 17,000.

The breach included private health care information including Social Security numbers, dates of birth, and Medicare identification numbers.

Cristy Raposo Perry, a spokesperson for RIPTA, told WJAR-TV the information on non-employees was sent to the agency by the state's former health insurance provider.

Copyright 2021 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.

Recommended for you

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.