19th November 2025 Cyber Update: State AG Office Confirms Major Data Breach by Ransomware Group
A ransomware attack crippled Pennsylvania’s Attorney General office, exposing sensitive data including names, Social Security numbers and medical details. Inc Ransom claimed responsibility after exploiting a Citrix vulnerability that disrupted systems for weeks.
The Pennsylvania Office of the Attorney General (OAG) has officially confirmed a significant data breach stemming from a ransomware attack that crippled its operations in August 2025. The Inc Ransom group, a prolific ransomware-as-a-service operation that emerged in July 2023, claimed responsibility for the intrusion, alleging the exfiltration of 5.7 terabytes of sensitive data from the agency's network. The attack, discovered on August 9, disrupted the OAG's website, email, and phone systems for approximately three weeks, forcing the office's 1,200 staff members to rely on alternate communication channels.
Compromised information includes the names, Social Security numbers, and medical details of an undisclosed number of individuals, along with files from investigative units and details about the agency's use of Cellebrite forensic software. The OAG refused to pay the ransom, but by then the data had already been stolen. The initial attack vector is believed to be the exploitation of the "CitrixBleed2" vulnerability (CVE-2025-5777) on the agency's public-facing Citrix NetScaler appliances. The FBI is now assisting with the investigation, and the OAG has begun notifying affected parties and offering identity protection services.
"Based on the OAG's review of the data involved, for some individuals the information involved may have included name, Social Security number, and/or medical information." - Attorney General Dave Sunday
Why It Matters
This attack underscores the escalating threat that sophisticated ransomware-as-a-service groups pose to critical government institutions. The successful breach of a top state law enforcement agency highlights the severe consequences of failing to patch known, critical vulnerabilities like CitrixBleed2 in a timely manner. For Pennsylvania, this is the third major ransomware incident targeting a state entity in recent years, following attacks on Delaware County in 2020 and the Pennsylvania Senate Democratic Caucus in 2017, revealing a pattern of vulnerability in its public sector cybersecurity posture.
The incident serves as a stark reminder for organizations, particularly in the public sector, of the imperative for robust vulnerability management, rapid incident response, and comprehensive security protocols to protect sensitive citizen data. The Inc Ransom group's claim of accessing FBI network information, while unverified, further amplifies concerns about potential lateral movement and the broader security implications of this breach.
"This situation has certainly tested OAG staff and prompted some modifications to our typical routines — however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled." - Attorney General Dave Sunday