Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack

Pennsylvania's AG hit by ransomware, exposing 5.7 TB of data including SSNs and medical records, with potential CitrixBleed2 exploit.

By Content Team

Nov 18, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Pennsylvania's Attorney General office confirmed a major data breach following a ransomware attack that disrupted services for three weeks in August. The Inc Ransom group claimed responsibility in September, allegedly stealing 5.7 TB of data including personal information like Social Security numbers and medical records from investigative units.

The hackers also accessed details about the office's use of Cellebrite software, which extracts data from mobile devices. While officials say there's no evidence of data misuse, cybersecurity experts remain skeptical since ransomware groups typically publish or sell stolen information. The attack likely exploited a Citrix Netscaler vulnerability called CitrixBleed2.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

TeamPCP Hackers Launch Massive Supply Chain Attack Across Open Source Ecosystem

Mar 25, 2026

Hackers Compromise Popular JavaScript Library Axios, Potentially Affecting 600,000 Downloads

Mar 31, 2026

Python Repositories Hit by Sophisticated Malware Campaign Using Stolen VS Code Credentials

Mar 17, 2026

Russian Hackers Exploit Microsoft Office Bug Just 3 Days After Patch

Feb 4, 2026