SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Pennsylvania Attorney General Confirms Ransomware Behind Weeks-Long Outage

Attack disrupted email, phones, and websites for weeks, but officials say no ransom was paid.
Ransomware

The Pennsylvania Office of Attorney General has confirmed that ransomware was behind a three-weeks-long outage impacting operations at offices across the Commonwealth.

The incident was initially disclosed on August 11, via social media posts, as the office’s entire network was down, including its website, email, and main phone line. By August 14, access to the website had been restored in some capacity.

On August 18, Attorney General Dave Sunday announced that employees were gradually being provided with access to their email accounts. Phone lines remained down for another week.

The office’s divisions and respective sections have been operating throughout the outage, albeit using alternate channels and methods.

On August 29, Attorney General Sunday confirmed that file-encrypting ransomware was used in the attack, but did not provide information on the group responsible for it, citing the ongoing investigation.

“The interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations. No payment has been made,” the Attorney General’s Office said.

Advertisement. Scroll to continue reading.

Most of the staff has regained access to email and the main phone line has been restored, but the work on restoring full operations continues, the office said.

While courts have issued orders providing time extensions on some cases, the interruption should have no negative impact on criminal prosecutions, investigations, and civil proceedings, the office added.

“This situation has certainly tested OAG staff and prompted some modifications to our typical routines — however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled,” Attorney General Sunday said.

SecurityWeek has not seen any known ransomware group claiming the attack on the Pennsylvania Office of Attorney General.

Related: TransUnion Data Breach Impacts 4.4 Million

Related: Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions

Related: Novel 5G Attack Bypasses Need for Malicious Base Station

Related: Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Third-Party Risk in Practice
June 4, 2026

Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.

Register

Virtual Roundtable: CISO Forum 2026 Mid-Year Review
June 10, 2026

Explore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.

Register

People on the Move

Opal Security has appointed CPO, CTO, VP of Field Engineering, VP of Marketing, and Head of Product and Solutions Marketing.

The Department of the Air Force has appointed Ashley Devoto as Chief Information Officer.

Bartley Richardson has been named Chief AI and Autonomous Systems Officer at CrowdStrike.

More People On The Move

Expert Insights

Popular Topics

Security Community

Stay Intouch

About SecurityWeek

News Tips

Got a confidential news tip? We want to hear from you.

Submit Tip

Advertising

Reach a large audience of enterprise cybersecurity professionals

Contact Us

Daily Briefing Newsletter

Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.