Data Breach at Pennsylvania AG's Office Included Sensitive Data
A reported data breach earlier this year of the Pennsylvania attorney general’s office “may have involved unauthorized access to personal information,” the AG’s office said Friday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The AG’s office first detected the breach on Aug. 9. The office “later learned that certain files may have been accessed without authorization,” it said. The office “reviewed which data may have been involved and learned that certain personal information was contained in some files.”
For some affected individuals, the information in the breach “may have included name, Social Security number, and/or medical information,” the AG’s office said. But it “has no evidence of the misuse, or attempted misuse, of any information that was potentially involved.”
Pennsylvania AG Dave Sunday (R) first disclosed the cyberattack on Aug. 29. "The interruption was caused by an outsider encrypting files in an effort to force the office to make a payment to restore operations," the AG's office said at the time.