Officials confirmed Oct. 10 that a late-September network disruption in Michigan City, Indiana, was a ransomware attack. The Sept. 23 incident affected portions of city data and disrupted municipal employees’ online and telephone access. In response, the city took segments of its network offline, engaged outside specialists, and notified law enforcement while working to keep critical operations running.
City leaders said police, central services and emergency dispatch continued operating, and that recovery and a forensic investigation are underway. They have not said whether attackers accessed or exfiltrated data, whether a ransom was demanded, which systems were affected, or when full restoration is expected—citing the active probe and promising updates as available.
Transparency remains limited. Officials have not named a threat group or detailed notification plans for residents or employees pending investigative findings. The city first acknowledged the disruption on Sept. 25 and said it partnered with network specialists to restore services securely.
