Michigan City, Indiana, Confirms Ransomware Attack After Three-Week Disruption
Michigan City, Indiana a lakeside community of over 30,000 residents has confirmed that a cyber incident disrupting government systems on September 23 was a ransomware attack. Initially described as a "network disruption," the city acknowledged the breach on October 14, revealing that the attack compromised municipal data and disrupted employee access to online and telephone services.
Mayor Angie Nelson Deuitch informed the Michigan City Common Council that recovery efforts are underway, prioritizing the safe restoration of systems while maintaining critical operations. A forensic investigation, led by an External Incident Response Team (including local IT staff and outside agencies), is ongoing to assess the full scope of the attack. Law enforcement is involved, limiting public details due to the active investigation.
On October 16, the Obscura ransomware gang claimed responsibility, alleging they stole 450GB of data and published it after the ransom deadline expired. The group, which emerged in September 2023, has since listed over 15 victims. Michigan City has not commented further on the claims.
This incident follows a 2022 ransomware attack on another Indiana municipality, which prompted a local disaster declaration after crippling multiple government systems.
Source: https://therecord.media/michigan-indiana-city-ransomware
The City of Michigan City, Indiana cybersecurity rating report: https://www.rankiteo.com/company/the-city-of-michigan-city-indiana
"id": "THE1768408645",
"linkid": "the-city-of-michigan-city-indiana",
"type": "Ransomware",
"date": "9/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'municipal employees and '
'residents',
'industry': 'government',
'location': 'Michigan City, Indiana, USA',
'name': 'Michigan City',
'size': 'population of more than 30,000 residents',
'type': 'municipality'}],
'data_breach': {'data_exfiltration': True},
'date_detected': '2023-09-23',
'description': 'Michigan City, Indiana, confirmed a ransomware attack that '
'impacted government systems, forcing many systems offline on '
"September 23. The attack affected a portion of the city's "
"data and impacted municipal employees' online and telephone "
'access. The Obscura ransomware gang took credit for the '
'attack, claiming to have stolen 450 gigabytes of data.',
'impact': {'data_compromised': '450 gigabytes of data',
'operational_impact': 'critical city operations affected',
'systems_affected': "government systems, municipal employees' "
'online and telephone access'},
'investigation_status': 'active',
'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Obscura'},
'references': [{'source': 'Michigan City official statement'},
{'source': 'Obscura ransomware gang claim'}],
'response': {'communication_strategy': 'providing updates when possible',
'containment_measures': 'systems taken offline',
'law_enforcement_notified': True,
'recovery_measures': 'safely restoring systems',
'third_party_assistance': 'External Incident Response Team (IT '
'professionals from Michigan City and '
'outside agencies)'},
'threat_actor': 'Obscura ransomware gang',
'title': 'Michigan City Ransomware Attack',
'type': 'ransomware'}