Employees’ Retirement System of Rhode Island Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Employees’ Retirement System of Rhode Island (“ERSRI”) regarding its recent data breach. The ERSRI data breach involved sensitive personal identifiable information belonging to an undetermined number of individuals.


ERSRI provides retirement, disability, and survivor benefits to various Rhode Island workers. Among the groups served by ERSRI are state employees, public school teachers, judges, state police, participating municipal police and fire employees, and general employees of other participating municipalities. Established in 1936, ERSRI is overseen by a 15-member Retirement Board selected in accordance with Rhode Island General Laws. At present, ERSRI has an active membership of 32,000 and manages $10 billion.


Recently, ERSRI discovered that TIAA, a third-party vendor used by ERSRI, experienced a data breach in which the sensitive personal identifiable information of ERSRI members and beneficiaries may have been accessed. Through its investigation, TIAA determined that the breach occurred through a vulnerability in the MOVEit file transfer platform used by Pension Benefit Information, LLC (“PBI”), a vendor of TIAA. On July 8, 2023, ERSRI posted a notice of the incident to its website. In the coming weeks, PBI will be sending a letter to individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Address
  • Gender

If you receive a breach notification letter from PBI on behalf of Employees’ Retirement System of Rhode Island:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or sam@turkestrauss.com.

If you were impacted by the ERSRI data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review any breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by PBI Research Services on behalf of PBI on behalf of Employees’ Retirement System of Rhode Island;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: