
























The city of Suffolk, Virginia over the weekend confirmed it notified 157,725 people of a February 2026 data breach that compromised names, Social Security numbers, and financial account info.
The notices sent to breach victims last month cite a ransomware attack as the cause of the breach. Investigators said the attack was halted before the ransomware could be deployed, but not before cybercriminals stole data from Suffolk’s network, according to city officials.
A cybercriminal group called Cloak took credit for the breach. On its data leak website, Cloak said it stole 2.5 TB of files from Suffolk.
Suffolk officials have not acknowledged Cloak’s claim and Comparitech cannot independently verify it. We do not know how attackers breached Suffolk’s network, if Suffolk paid a ransom, or how much Cloak demanded. Comparitech contacted Suffolk officials for comment and will update this article if they reply.
“To date, our investigation revealed that malicious actors gained access to the City’s data on or about February 24, 2026, and attempted to deploy ransomware to encrypt portions of the network,” says Suffolk’s official notice (PDF) to breach victims. “The malicious actor’s network access was terminated soon after it was detected.”
The notice does not mention any offer of free credit monitoring or identity theft protection for breach victims.
Cloak is a ransomware group that first started claiming its cyberattacks in August 2023. Its malware both steals data and locks down computer systems, forcing victims to pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud.
This isn’t the first time Cloak hacked a Virginia government entity. In February 2025, the group took credit for a breach at the state’s Attorney General.
The group has claimed responsibility for 75 ransomware attacks in total. Of those, 20 have been confirmed by the entities it targeted.
In addition to Suffolk and the VA AG, Cloak took credit for three other confirmed attacks on government entities:
Suffolk is Cloak’s second confirmed attack of 2026. The other hit German retailer Dinnebier Gruppe in January.
Comparitech researchers have logged 20 confirmed ransomware attacks on US government entities in 2026 to date.
The attack on Suffolk is the 11th-largest such breach to date by number of records affected. The top 10 are:
Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, and people whose data was stolen are put at greater risk of fraud. Ransomware can disrupt everything from communications to billing, payroll, access to data and applications, and online services.
Suffolk is home to about 95,000 people in the Hampton Roads area of southeastern Virginia. It’s the 10th-most populous city in the state.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。