Ransomware cyber

Virginia Attorney General’s Office

Mar 25, 2025 1 min read
Virginia Attorney General’s Office

The Virginia Attorney General's Office was the target of a sophisticated cyberattack by the Cloak ransomware group, leading to the shutdown of critical IT systems, including email and VPN services. The breach, detected in February 2025, resulted in the theft of 134GB of sensitive data, which was subsequently made available on the group's Tor leak site after the waiting period expired. The stolen data includes sensitive information, and the consequences of this breach could significantly affect the organization's operations and the privacy of individuals associated with the office.

Source: https://securityaffairs.com/175751/data-breach/cloak-group-hacked-virginia-attorney-generals-office.html

TPRM report: https://scoringcyber.rankiteo.com/company/virginia-office-of-attorney-general

"id": "vir000032525",
"linkid": "virginia-office-of-attorney-general",
"type": "Ransomware",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Government',
                        'location': 'Virginia',
                        'name': "Virginia Attorney General's Office",
                        'type': 'Government Office'}],
 'data_breach': {'data_exfiltration': '134GB',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive information'},
 'date_detected': 'February 2025',
 'description': "The Virginia Attorney General's Office was the target of a "
                'sophisticated cyberattack by the Cloak ransomware group, '
                'leading to the shutdown of critical IT systems, including '
                'email and VPN services. The breach, detected in February '
                '2025, resulted in the theft of 134GB of sensitive data, which '
                "was subsequently made available on the group's Tor leak site "
                'after the waiting period expired. The stolen data includes '
                'sensitive information, and the consequences of this breach '
                "could significantly affect the organization's operations and "
                'the privacy of individuals associated with the office.',
 'impact': {'data_compromised': ['Sensitive information'],
            'operational_impact': 'Significant',
            'systems_affected': ['Email', 'VPN services']},
 'motivation': 'Data theft and extortion',
 'ransomware': {'data_exfiltration': '134GB', 'ransomware_strain': 'Cloak'},
 'threat_actor': 'Cloak ransomware group',
 'title': "Cloak Ransomware Attack on Virginia Attorney General's Office",
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

Intel

public 1 min read
The Iranian ransomware-as-a-service operation, Pay2Key.I2P, reemerged after a five-year hiatus, targeting organizations in the US and Israel. The group,…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.