The Virginia Attorney General's Office was the target of a sophisticated cyberattack by the Cloak ransomware group, leading to the shutdown of critical IT systems, including email and VPN services. The breach, detected in February 2025, resulted in the theft of 134GB of sensitive data, which was subsequently made available on the group's Tor leak site after the waiting period expired. The stolen data includes sensitive information, and the consequences of this breach could significantly affect the organization's operations and the privacy of individuals associated with the office.
TPRM report: https://scoringcyber.rankiteo.com/company/virginia-office-of-attorney-general
"id": "vir000032525",
"linkid": "virginia-office-of-attorney-general",
"type": "Ransomware",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Government',
'location': 'Virginia',
'name': "Virginia Attorney General's Office",
'type': 'Government Office'}],
'data_breach': {'data_exfiltration': '134GB',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive information'},
'date_detected': 'February 2025',
'description': "The Virginia Attorney General's Office was the target of a "
'sophisticated cyberattack by the Cloak ransomware group, '
'leading to the shutdown of critical IT systems, including '
'email and VPN services. The breach, detected in February '
'2025, resulted in the theft of 134GB of sensitive data, which '
"was subsequently made available on the group's Tor leak site "
'after the waiting period expired. The stolen data includes '
'sensitive information, and the consequences of this breach '
"could significantly affect the organization's operations and "
'the privacy of individuals associated with the office.',
'impact': {'data_compromised': ['Sensitive information'],
'operational_impact': 'Significant',
'systems_affected': ['Email', 'VPN services']},
'motivation': 'Data theft and extortion',
'ransomware': {'data_exfiltration': '134GB', 'ransomware_strain': 'Cloak'},
'threat_actor': 'Cloak ransomware group',
'title': "Cloak Ransomware Attack on Virginia Attorney General's Office",
'type': 'Ransomware'}