The Pennsylvania Office of the Attorney General experienced a significant ransomware attack in August 2025, resulting in the theft of sensitive personal and medical data. The INC Ransom gang claimed responsibility, highlighting ongoing threats to government agencies from ransomware-as-a-service operations. #INC Ransom #Citrix Bleed2
Keypoints
- The Pennsylvania OAG was hit by a ransomware attack that compromised personal and medical information.
- Attackers stole 5.7TB of data and claimed access to an FBI internal network.
- The breach involved exploitation of vulnerable public-facing Citrix NetScaler appliances (CVE-2025-5777).
- INC Ransom, a ransomware-as-a-service group, claimed responsibility for the attack.
- This is the third ransomware breach involving Pennsylvania state entities, highlighting persistent vulnerabilities.