- Cyber Syrup
- Posts
- Pennsylvania Attorney General’s Office Confirms Ransomware Attack
Pennsylvania Attorney General’s Office Confirms Ransomware Attack
The Pennsylvania Office of Attorney General (OAG) has confirmed that a ransomware attack was responsible for a three-week outage that disrupted critical operations
In partnership with
CYBER SYRUP
Delivering the sweetest insights on cybersecurity.
The Key to a $1.3 Trillion Opportunity
A new real estate trend called co-ownership is revolutionizing a $1.3T market. Leading it? Pacaso. Created by the founder behind a $120M prior exit, they already have $110M+ in gross profits to date. They even reserved the Nasdaq ticker PCSO. And you can invest until September 18.
Paid advertisement for Pacaso’s Regulation A offering. Read the offering circular at invest.pacaso.com. Reserving a ticker symbol is not a guarantee that the company will go public. Listing on the NASDAQ is subject to approvals.
Pennsylvania Attorney General’s Office Confirms Ransomware Attack
The Pennsylvania Office of Attorney General (OAG) has confirmed that a ransomware attack was responsible for a three-week outage that disrupted critical operations across the Commonwealth.
Timeline of the Incident
The cyberattack was first acknowledged on August 11, when the OAG announced that its entire network — including its website, email, and main phone line — had gone offline. By August 14, limited website functionality was restored, though other services remained unavailable.
On August 18, Attorney General Dave Sunday announced that employees were gradually regaining access to their email accounts. Phone services, however, did not come back online until the following week, prolonging the impact on public-facing operations.
Despite the disruptions, the OAG stressed that its various divisions and sections remained operational, relying on alternative methods and workarounds to continue serving Pennsylvanians.
Confirmation of Ransomware
On August 29, Attorney General Sunday officially confirmed that file-encrypting ransomware was behind the attack. The attackers encrypted portions of the agency’s files in an effort to extort payment in exchange for restoring access.
“The interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations. No payment has been made,” the OAG said in its statement.
Officials did not disclose which ransomware group was responsible, citing the ongoing investigation.
Impact on Operations
The ransomware attack caused significant disruption, forcing the OAG to operate without core IT systems for weeks. While courts issued extensions for certain cases to account for the delays, officials assured the public that criminal prosecutions, investigations, and civil proceedings were not negatively affected.
By late August, most employees had regained access to email, and the main phone lines were operational again. However, restoration efforts for full system functionality are still ongoing.
Commitment to Resilience
Attorney General Sunday emphasized the dedication of staff in adapting to new workflows during the outage:
“This situation has certainly tested OAG staff and prompted some modifications to our typical routines — however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled.”
Lessons Learned
This incident highlights several important points about the current cybersecurity landscape:
Ransomware remains a persistent and disruptive threat to government entities.
Incident response planning — including containment measures and communication — is critical to limiting damage.
Resilience and continuity of operations can help ensure essential services continue, even in the face of major cyberattacks.
The Pennsylvania OAG continues to work with law enforcement and cybersecurity experts to strengthen defenses and ensure the long-term security of its systems.