Nearly three weeks after being hit by ransomware, the Pennsylvania Office of Attorney General (OAG) says that “substantial progress” has been made in restoring network systems, but still no word on what data may have been compromised as court delays continue.
-
The Pennsylvania Attorney General’s Office is still recovering from a three-week-old ransomware attack, forcing 1,200 staff across 17 home offices to initiate major workarounds.
-
Courts have issued case delays, but officials say as of now, no prosecutions or investigations have been derailed.
-
What data was accessed remains unknown, raising concerns over sensitive court files and broader government exposure.
In its latest update over the holiday weekend, Pennsylvania Attorney General Dave Sunday revealed the “interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations.”
Sunday stressed that “no payment has been made” to the unnamed attackers.
According to Sunday, the ransomware attack forced “approximately 1,200 people stationed at 17 home offices” to perform daily duties using “alternate channels and methods.”
“This situation has certainly tested OAG staff and prompted some modifications to our typical routines,” the Attorney General said.
Friday’s update said some courts have issued time extensions on certain criminal and civil cases, but also noted that state attorneys and investigators have still been able to go to court and perform tasks.
The Attorney General’s office took to Facebook on August 11th to announce systems had been knocked offline in the attack, which included the OAG website, staff email accounts, and phone lines.
“This is a frustrating situation, and everyone is doing their very best,” Sunday said, adding that the IT teams were “diligently working around the clock to resolve the matter.”
“We will continue to do the work of protecting Pennsylvanians no matter the obstacle,” Sunday said.
The network that hosts the Office of Attorney General’s systems is currently down, meaning the office’s website is offline, as are office email accounts and land phone lines. pic.twitter.com/yTQfYhmdQx
undefined PA Attorney General Dave Sunday (@PAAttorneyGen) August 11, 2025
Sensitive court files at risk
Based on preliminary evidence, the AG office believes no criminal prosecutions, investigations, or civil proceedings will be negatively impacted.
However, the OAG also said it is “working to help other agencies avoid a similar scenario,” leading Cybernews to assume the attack may be more substantial than previously stated, with possible repercussions for other government offices in the Harrisburg state capital buildings.
Furthermore, the AG’s office has not revealed the amount or type of data the attackers may have accessed in the encryption process. The OAG has also not revealed how the attackers were able to breach the secured network.
Cybernews has reached out to the OAG and is awaiting a response at the time of this report.
Cyber intrusions on the US Federal Court system in August and the Netherlands-based International Criminal Court (ICC) in June have led to concerns over the security of sensitive files held by justice agencies.
From exposing the personal details of witnesses and confidential informants to staff members, attorneys, and judges, these types of sensitive documents “can be targets of interest to a range of threat actors,” the US Federal Courts said last month.
Some filings could also contain proprietary information that is sealed from the public, possibly comprising upcoming criminal and civil cases to be heard by the courts.
“Complaints from Pennsylvanians are being received, and we are in communication with local, state, and federal partner agencies as normal courses of business. This will not be our final public update on the matter,” the OAG said.
Your email address will not be published. Required fields are markedmarked