Ransomware Attack Hits Pennsylvania Attorney General's Office

On November 19, 2025, the Pennsylvania Attorney General's Office confirmed a significant ransomware attack attributed to the Inc Ransom group. This incident exploited a vulnerability in Citrix NetScaler (CVE-2025-5777), leading to the exposure of sensitive information, including names and Social Security numbers of individuals. The attack compromised approximately 5.7 terabytes of data, resulting in operational disruptions that lasted nearly three weeks. The breach highlights the persistent threat posed by ransomware and the critical need for organizations to prioritize timely vulnerability patching and incident response.

This incident serves as a reminder of the vulnerabilities present in widely-used software solutions and the potential for significant data loss if left unaddressed. The Attorney General's Office is currently working on recovery and response efforts as they assess the full impact of the breach. Organizations are urged to evaluate their security postures and implement robust measures to mitigate similar risks in the future.

For more details on this breach, visit Cyber News Centre.