Ransomware gang Inc over the weekend took credit for an August 2025 data breach at the Pennsylvania Attorney General’s office.
At the end of last month, the PA AG announced it suffered a ransomware attack on August 11 that prevented staff access to archived emails, files, and internal systems. The office said at the time that staff were unable to access litigation data. A judge suspended civil trial litigation and some criminal matters until mid-September.
Inc on September 20, 2025 claimed responsibility for the attack and says it stole 5.7 TB of data. To prove its claim, Inc posted sample images of what it says are documents stolen from the Attorney General’s office.
The Pennsylvania Attorney General has not verified Inc’s claim. It did say that it refused to pay a ransom demand. The AG says it has notified a few individuals that their information might have been compromised in the breach.
“This situation has certainly tested OAG staff and prompted some modifications to our typical routines — however, we are committed to our duty and mission to protect and represent Pennsylvanians, and are confident that mission is being fulfilled,” Attorney General Dave Sunday said in a statement on August 29, 2025.
We do not know what data was compromised or how attackers breached the office’s network. Comparitech contacted the PA AG’s office for comment and will update this article if it replies.
Who is Inc?
Inc Ransomware emerged in July 2023 and targets a wide range of victims in healthcare, education, and government. Its methods involve spear phishing and exploiting known vulnerabilities in software. Once infected, Inc’s malware both steals data and locks down computer systems until a ransom is paid to unlock them.
Inc has taken credit for 126 confirmed ransomware attacks since it began and made 456 attack claims in total. Of those confirmed attacks, 22 hit government entities.
In August 2025 alone, Inc claimed responsibility for ransomware attacks on the following organizations:
- Panama’s Ministry of Economy and Finance
- Canada’s Centre de Services Scolaire des Appalaches (CSSA)
- University of St. Thomas
- OB-GYN Associates
Ransomware attacks on US government
Comparitech researchers have logged 58 confirmed ransomware attacks against US government organizations in 2025 to date, 11 of which occurred in August.
Some recent such attacks include:
- Spartanburg County, SC confirmed a data breach claimed by Qilin last week
- Orleans Parish Sheriff’s Office (LA) confirmed an attack claimed by Qilin earlier this month
- Lorain County Auditor’s Office (OH) just notified 18,491 people of an attack claimed by Global in May
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Organizations must pay a ransom for the data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About the Pennsylvania Office of the Attorney General
The Attorney General is Pennsylvania’s top law enforcement official. The office employs hundreds of lawyers, investigators, and other staff across the state. The attorney general prosecutes organized crime and public corruption, and represents Pennsylvania in lawsuits brought against the state.
