Indiana City Confirms Ransomware Hackers Behind September Incident
Michigan City, Indiana confirmed a ransomware attack that forced systems offline on September 23, later claimed by the Obscura group, which alleges theft of 450 GB of data. Officials report ongoing forensic investigation and law enforcement involvement while prioritizing restoration of critical city operations. Obscura, a relatively new group, has named 15+ victims since emergence. The case illustrates municipal exposure to ransomware, where limited IT staff and shared services complicate resilience and recovery, and public services (telephony, online portals) suffer disruption.
CORTEX Protocol Intelligence Assessment
{"Business Impact":"Service disruption, potential PII exposure, and incident response costs for municipal operations.","Technical Context":"Initial access details undisclosed; actor claims large data exfiltration; typical double-extortion pressure."}
Strategic Intelligence Guidance
- Segment critical city services; maintain offline, immutable backups with tested restore.
- Implement MFA and harden remote access; monitor for data exfiltration beacons.
- Establish public communication templates and legal coordination for PII notifications.
- Engage state/federal resources for incident support and takedown assistance.
Threats
Targets
Impact
Data Volume:450GB
Financial:450 GB (claimed)
Intelligence Source: Indiana city confirms ransomware hackers behind September incident | The Record | Oct 15, 2025