The Office of the Attorney General of Pennsylvania (OAG) has confirmed that it fell victim to a large-scale ransomware attack that crippled its servers and caused significant delays in both criminal and civil proceedings.
Attorney General Dave Sunday reported that the attackers encrypted official files in an attempt to extort payment, but no ransom was paid. The first signs of the incident emerged on August 18, when the OAG website was taken offline and both email and landline communications across all prosecutorial offices ceased functioning. The most recent update, issued on August 29, confirms that recovery of the infrastructure is still ongoing.
While the agency has not disclosed whether any data was exfiltrated, Sunday emphasized that the investigation is being conducted in coordination with other state agencies, which limits the scope of public comment regarding the nature and impact of the attack. He assured, however, that if necessary, affected citizens would receive individual notifications.
In response to the disruption, several Pennsylvania courts have issued orders extending deadlines for certain civil and criminal cases. Nonetheless, according to Sunday, the attack will not result in the cancellation of investigations or dismissal of cases — the delays are purely technical in nature.
At present, access to the agency’s primary phone line and website has been restored. Most of the OAG’s staff — more than 1,200 employees across 17 offices statewide — have regained use of their official email and continue to perform their duties, including through alternative communication channels.
The OAG stressed that the incident serves as a critical lesson, and the office is actively working with other agencies to ensure such an event does not recur in the future.
