Ransomware-related breach confirmed by Pennsylvania Attorney General’s Office

The Pennsylvania Office of the Attorney General has confirmed that individuals' names, Social Security numbers, and/or medical details had been exfiltrated following an August ransomware attack claimed by the INC ransomware-as-a-service operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Officials, who did not provide the number of people impacted by the breach, emphasized that there has been no evidence suggesting misuse or attempted misuse of the stolen data. Such an attack, which has been linked to the exploitation of the Citrix Bleed 2 vulnerability, tracked as CVE-2025-5777, had crippled the operations of Pennsylvania's legal system for almost a month.

This situation has certainly tested OAG staff and prompted some modifications to our typical routines however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled," said Attorney General Dave Sunday.