PROVIDENCE, R.I. (WPRI) -- Rhode Island officials are urging residents to take immediate steps to protect themselves following a major cyberattack on state government, warning that their personal data could soon be exposed.

At a hastily called news conference on Saturday evening -- the second in as many days -- Gov. Dan McKee and other officials shared practical tips about what people can do if they are among the hundreds of thousands of people at risk from the hack.

"We know this situation is alarming, and it's stressful," McKee said. He urged people to save the URL for the website where the state will be posting continued updates about the situation: cyberalert.ri.gov.

Officials say they first learned on Dec. 5 that an international cybercriminal group may have breached RIBridges, the state system formerly known as UHIP used for a host of health and benefits programs. They became more alarmed in recent days after the hackers sent a screenshot of file folders from RIBridges and revealed malware had been put into the system.

The hackers are believed to have stolen information -- including Social Security and bank account numbers -- for potentially hundreds of thousands of residents who have used a long list of state programs over the last eight years. Individuals who are directly affected will be getting a letter in the mail from the state notifying them.

The programs include Medicaid, the Supplemental Nutrition Assistance Program (SNAP), Temporary Assistance for Needy Families (TANF), the Child Care Assistance Program (CCAP), HealthSource RI health insurance, Rhode Island Works, Long-Term Services and Supports (LTSS), the General Public Assistance (GPA) program, and AT HOME cost-sharing.

Those programs will revert to paper applications on Monday because the online portal usually used for them -- called "HealthyRhode" -- is being kept offline due to the attack, officials said.

The R.I. Department of Labor and Training's separate system for unemployment insurance and other out-of-work benefits is unaffected by the cyberattack, according to Matt Weldon, the department's director.

Michael Tetreault, a cybersecurity advisor at the U.S. Department of Homeland Security, urged Rhode Islanders who think they may be affected to strengthen their passwords; turn on multi-factor authentication; and contact the three credit-monitoring bureaus to freeze their credit.

"Identity theft is very popular," Tetreault said.

SNAP and RI Works beneficiaries are also being urged to learn how they can freeze and unfreeze their EBT cards in order to ensure their benefit payments aren't stolen. That can be done through the company that manages the cards, FIS, either online or using its mobile app. Detailed instructions are in a PDF on the state's website.

(Story continues below video.)

State officials have been meeting throughout the day to deal with the situation. The governor said he called Saturday's news conference to communicate the urgency of taking action based on new information officials have learned over the last 24 hours.

The cybercriminals are in communication with a security consultant hired by Deloitte, the contractor that runs RIBridges for the state, McKee said. The hackers have indicated that "data could be exposed in the near future -- as early as this coming week," he said.

The exact timing of a potential data leak is "a moving target," McKee added.

Jonathan Womer, director of the R.I. Department of Administration, said Deloitte and the cybercriminals are in ongoing negotiations. Neither Womer nor McKee indicated how much money the hackers have demanded, but Womer said Deloitte would make a decision about whether to pay in consultation with law enforcement authorities.

A spokesperson for Deloitte told 12 News they couldn't provide any additional information "as this is an ongoing investigation."

The FBI has so far declined to comment on the situation.

Womer said Deloitte, as the state's vendor for RIBridges, is "obligated" to help the state through the process of dealing with the cyberattack and covering costs associated with it. He said the company will be paying for a free credit-monitoring service for affected residents.

One of the people the governor has turned to for counsel is former Congressman Jim Langevin, who was one of Capitol Hill's leading experts on cybersecurity as a lawmaker and is now leading a new cyber institute at Rhode Island College. Langevin recommended that Tetreault join the other officials to provide expertise at the the news conference, McKee said.

RIBridges was created as part of the Unified Health Infrastructure Project, or UHIP. Its development and launch was a major debacle for state government during the administration of former Gov. Gina Raimondo.

Raimondo's administration spent years in disputes with Deloitte -- which had been paid hundreds of millions of dollars to build UHIP -- over fixes and refunds related to the IT system. In 2021, the McKee administration agreed to a three-year contract extension for Deloitte valued at $99 million.