‘Glitch’ may have exposed personal information of hundreds of UHIP users

UHIP customers received this message when they tried to log on to the benefits system on Friday, Nov. 18, 2016.
UHIP customers received this message when they tried to log on to the benefits system on Friday, Nov. 18, 2016.

CRANSTON, R.I. (WPRI) — The Rhode Island Department of Human Services revealed Wednesday why it shut down the customer portal of the state’s new embattled benefits system last week.

The agency discovered a glitch that potentially made customers’ personal information accessible to other people. The customer portal was closed for about two hours last Friday while the glitch was fixed.

After initially placing the number at 1,000, DHS said its sending notices to 202 people who may have been affected by the glitch. DHS said those people will be offered credit monitoring by Deloitte, the company behind the United Health Infrastructure Project, or UHIP.

DHS told Eyewitness News the issue could potentially affect those who used the customer portal on a public computer and failed to close the window of their browser following the session. In these cases, if another user logged on to that same browser window within 15 minutes, there was the potential they could have access to the prior user’s information – even if the first user logged off of their account.

“This is obviously an issue we are concerned about,” said Michael DiBiase, Department of Administration director. “We were able to, through looking at logs, determine that the number of potentially affected people is approximately 1,000. We think it’s far less than that.”

DHS said those eligible for the year of identity protection must meet all of the following characteristics:

  • Individual user
  • Using publicly accessible computer
  • Failed to close out window
  • Another individual accessing same site within 15 minutes

The agency said it is unaware of any misuse of personal information.

“We don’t actually know of it actually happening, but we wanted to make sure that we were protecting the people who could have this potential,” DiBiase said.

The glitch is just the latest in a long list of problems and controversies with the site, which included lack of payment to child care providers and funeral homes, as well as warnings from the federal government.