SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Ransomware

Pennsylvania Attorney General Confirms Ransomware Behind Weeks-Long Outage

Attack disrupted email, phones, and websites for weeks, but officials say no ransom was paid.
Ransomware attack

The Pennsylvania Office of Attorney General has confirmed that ransomware was behind a three-weeks-long outage impacting operations at offices across the Commonwealth.

The incident was initially disclosed on August 11, via social media posts, as the office’s entire network was down, including its website, email, and main phone line. By August 14, access to the website had been restored in some capacity.

On August 18, Attorney General Dave Sunday announced that employees were gradually being provided with access to their email accounts. Phone lines remained down for another week.

The office’s divisions and respective sections have been operating throughout the outage, albeit using alternate channels and methods.

On August 29, Attorney General Sunday confirmed that file-encrypting ransomware was used in the attack, but did not provide information on the group responsible for it, citing the ongoing investigation.

“The interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations. No payment has been made,” the Attorney General’s Office said.

Most of the staff has regained access to email and the main phone line has been restored, but the work on restoring full operations continues, the office said.

While courts have issued orders providing time extensions on some cases, the interruption should have no negative impact on criminal prosecutions, investigations, and civil proceedings, the office added.

Advertisement. Scroll to continue reading.

“This situation has certainly tested OAG staff and prompted some modifications to our typical routines — however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled,” Attorney General Sunday said.

SecurityWeek has not seen any known ransomware group claiming the attack on the Pennsylvania Office of Attorney General.

Related: TransUnion Data Breach Impacts 4.4 Million

Related: Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions

Related: Novel 5G Attack Bypasses Need for Malicious Base Station

Related: Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Breaking AI: Inside the Art of LLM Pen Testing
September 11, 2025

See real-world examples of how attackers engage with LLMs. This session is for anyone securing, testing, or building AI systems, especially those using LLMs.

Register

Virtual Event: Attack Surface Management Summit
September 17, 2025

This virtual event picks apart the various components of attack surface management strategy, the push to mandate continuous asset visibility and inventory tools, and the use of red-teaming, bug bounties and pen-tests in modern security programs.

Register

People on the Move

Vishal Salvi has joined IT services giant Cognizant as Global Head of Cyber Security.

Anti-ransomware and cyber resilience firm Halcyon has named Tony Spinelli as VP and Field CISO.

Managed detection and response company Binary Defense has appointed Dennis Hon as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.