CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Pennsylvania Attorney General's Office Hit by Ransomware Attack

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

The Pennsylvania Attorney General's Office has confirmed a ransomware attack that began on August 11, 2025, lasting three weeks. The attack resulted in a service outage affecting the AG's website, email, and phone systems. The AG office refused to pay the ransom and is currently investigating the incident with other agencies. The impact includes disruptions to court proceedings, though the AG office assures that criminal prosecutions and investigations will not be affected. The extent of data exfiltration, if any, remains unknown. The AG's office has confirmed the use of file-encrypting ransomware and that the attack was carried out by an outsider attempting to extort payment. The AG office has not disclosed any details about the ransomware group responsible. Partial recovery of email and phone services has been achieved, with staff operating through alternate methods.

Timeline

  1. 02.09.2025 16:20 2 articles · 27d ago

    Pennsylvania Attorney General's Office confirms ransomware attack

    The outage lasted three weeks, longer than initially reported. The AG's website was partially restored by August 14. Employees began regaining email access by August 18. Phone lines were restored after a week of downtime. The AG's office confirmed the use of file-encrypting ransomware and that the attack was carried out by an outsider attempting to extort payment. The disruption has not negatively impacted criminal prosecutions or investigations. The AG's office is committed to fulfilling its mission despite the outage.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Data I/O Experiences Ransomware Attack and System Outages

Data I/O, a tech manufacturer, has reported a ransomware attack on August 16, 2025, which affected its shipping, manufacturing, and production systems. The company activated its incident response protocols, including taking systems offline and implementing mitigation measures. As of August 21, 2025, the full scope and impact of the attack remain unknown, and the company is still working to restore affected systems. The attack has not yet been determined to have a material impact on the company's business operations, but the costs associated with the incident are expected to be significant. The company is conducting a third-party investigation and will notify affected individuals once the scope and impact are fully understood.

Open in new tab

Inotiv ransomware attack disrupts operations

Inotiv, a U.S.-based pharmaceutical company, experienced a ransomware attack on August 8, 2025, claimed by the Qilin ransomware group. The incident encrypted certain systems and data, disrupting business operations. The company is working to restore affected systems and mitigate the impact. The Qilin ransomware group has been active, also targeting Creative Box Inc. (CBI), a subsidiary of Nissan, on August 16, 2025, stealing four terabytes of data, including 3D vehicle design models and internal reports. The attack involved unauthorized access and encryption of systems, with the Qilin ransomware gang claiming to have stolen approximately 162,000 files totaling 176GB from Inotiv. The company has engaged external security experts and notified law enforcement. The disruption affects databases and internal applications used in business processes, with no estimated timeline for full recovery.

Open in new tab