CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Ransomware Attack on Pennsylvania Attorney General's Office

First reported
Last updated
πŸ“° 2 unique sources, 2 articles

Summary

Hide β–²

The Pennsylvania Attorney General's Office suffered a ransomware attack that has caused a three-week service outage. The attack encrypted files, disrupting systems and services, including the public website, email accounts, and landline phones. The office refused to pay the ransom. The investigation is ongoing, and the extent of data exfiltration is unknown. The attack began on August 11, 2025. The office is partially recovering services, but the website remains inaccessible. Courts have issued time extensions for ongoing cases. The impact on criminal prosecutions, investigations, or civil proceedings is expected to be minimal.

Timeline

  1. 02.09.2025 16:20 πŸ“° 2 articles Β· ⏱ 14d ago

    Pennsylvania AG Office confirms ransomware attack behind service outage

    The Pennsylvania Attorney General's Office confirmed that a ransomware attack caused a three-week service outage. The attack encrypted files, disrupting systems and services. The office refused to pay the ransom. The investigation is ongoing, and the extent of data exfiltration is unknown. Partial recovery of services has been achieved, and courts have issued time extensions for ongoing cases. The office's website was partially restored by August 14, and employees gradually regained email access by August 18. The main phone line was restored after a week of downtime. The office's divisions continued operations using alternate methods during the outage. The attack was confirmed to be caused by file-encrypting ransomware on August 29.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Jaguar Land Rover Production Disrupted by Cyberattack

Jaguar Land Rover (JLR) experienced a cyberattack that severely disrupted its production and retail operations. The attack prompted the company to shut down several systems to mitigate the impact. Customer data was compromised, and the exact nature of the attack and the timeline for recovery remain unclear. The incident affected multiple systems, including those at the Solihull production plant, where popular models like the Land Rover Discovery and Range Rover are manufactured. The attack occurred over the weekend, a common time for such incidents due to reduced response capabilities. This is the second cyberattack JLR has suffered this year, raising concerns about potential vulnerabilities from the previous attack. JLR has extended the production shutdown for another week, with operations expected to resume on September 24, 2025. The company is still investigating the incident and has not attributed the breach to a specific cybercrime group.

Open in new tab

TransUnion Data Breach Exposes Over 4 Million Customer Records

TransUnion confirmed a data breach affecting over 4 million customers. The incident occurred on July 28, 2025, and was detected two days later. An unauthorized actor accessed personal information through a third-party application used by TransUnion's US customer support operations. The compromised data did not include credit reports or core credit information. TransUnion is offering affected customers two years of free credit monitoring services. The identity of the threat actor and any potential correlation with other recent breaches remain unknown.

Open in new tab

Nevada State Agencies Temporarily Shut Down Following Cyberattack

Nevada's state agencies were forced to shut down for two days due to a cyberattack that affected government offices and technology systems. The incident, identified on Sunday, led to the temporary closure of some state websites and phone lines. The state is working to restore services and has not disclosed technical details of the attack. There is no evidence of personally identifiable information being compromised. The attack highlights the ongoing threat of ransomware to government entities, which have been frequently targeted in recent years. The state is advising residents to be cautious of unsolicited communications requesting personal or financial information.

Open in new tab

Data I/O Ransomware Attack Disrupts Operations

Data I/O, a tech manufacturer based in Redmond, Washington, experienced a ransomware attack on August 16, 2025. The incident prompted the company to take certain systems offline and implement mitigation measures. The attack affected shipping, manufacturing, production, and other functions, leading to ongoing outages as of August 21. The full scope and impact of the attack remain unknown, with a third-party investigation underway. The company has not yet informed affected individuals. The attack has not yet been determined to have a material impact on the company's business operations, but the costs associated with the incident are expected to be significant. The attack is currently ongoing, with the company working to restore affected systems. The specific ransomware variant and the initial vector of the attack have not been disclosed.

Open in new tab

Orange Belgium Data Breach Exposes Customer Information

Orange Belgium, a telecommunications subsidiary of the Orange Group, disclosed a data breach impacting approximately 850,000 customers. The breach occurred in July 2025, compromising customer account information, including names, telephone numbers, SIM card numbers, PUK codes, and tariff plans. The attackers did not access passwords, email addresses, or financial information. Orange Belgium is notifying affected customers and advising them to remain vigilant against potential fraud. The breach is unrelated to recent cyberattacks targeting telecom companies worldwide, including a separate incident affecting Orange Group's French customers in July 2025. Orange Belgium has not named the threat group responsible due to an ongoing investigation.

Open in new tab