The Pennsylvania Office of the Attorney General (“OAG”) confirms a data breach following a ransomware attack by Inc Ransom group.
The Pennsylvania Office of the Attorney General (“OAG”) confirmed a data breach following a ransomware attack attributed to Inc Ransom group. However, the organization did not share details about the security breach, either the number of affected individuals.
“The OAG later learned that certain files may have been accessed without authorization. The OAG reviewed which data may have been involved and learned that certain personal information was contained in some files. Again, the OAG has no evidence of the misuse, or attempted misuse, of any information that was potentially involved.” reads the media notice published by OAG.
“Based on the OAG’s review of the data involved, for some individuals the information involved may have included name, Social Security number, and/or medical information.”
The attack occurred in August and disrupted its website, email, and phone systems for about three weeks. The extortion group claimed responsibility for the security breach on September 21 and claimed the theft of 5.7 TB of sensitive data.
“Pennsylvania Office of Attorney General is a law enforcement official that protects and serves the agencies of the Commonwealth and citizens of Harrisburg, Pennsylvania.5.7TB data leak, access to internal network of FBI and more…Data includes: Executive Office, Criminal Investigations PC, Financial Crimes, Security, Medicaid Fraud, Bureau of Investigative, Child Predator Section, Environmental Crimes, Retail Theft, Special Operations, Bureau of Narcotics, Word Templates, Celebrite.Contact us using report system and leave your tox for communication in case if you are interested.” reads the message published by the Inc Ransom group on its data leak site.
The Inc Ransom group claimed to have gained “access to internal network of FBI”.
The investigation conducted by OAG confirmed that data involved for some individuals may have included name, Social Security number, and/or medical information.
The Pennsylvania OAG set up a toll-free call center (1-833-353-8060) to assist those affected, available Monday–Friday from 8 a.m. to 8 p.m. ET, excluding U.S. holidays.
In September, cybersecurity researcher Kevin Beaumont reported that attackers had exploited the Citrix NetScaler vulnerability known as CitrixBleed2.
“Pennsylvania Office of Attorney General has been down for several weeks from a ransomware attack.” Beaumont wrote. “They haven’t mentioned it, but I’m told the group got in via CitrixBleed 2.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, Pennsylvania Office of the Attorney General)
