MuniOS.com, operated by ImageMaster in Ann Arbor, Michigan, has been offline for several days after a ransomware attack, Bloomberg reported. The site distributes “preliminary official statements,” the disclosure packets investors review before municipal bonds are sold. No group has claimed responsibility, and neither a ransom demand nor data theft had been confirmed as of Wednesday, Oct. 15, 2025.
Municipal bonds are issued by states, cities and public agencies to fund roads, schools and other public works. MuniOS serves as a hub for draft disclosures that help investors gauge risk and set pricing for upcoming sales. During periods of heavy issuance, the platform handled a large share of these presale materials.
The outage is disrupting how those documents are posted and viewed. On Oct. 14, the Municipal Securities Rulemaking Board (MSRB) told issuers they can post preliminary official statements on its Electronic Municipal Market Access website, known as EMMA. EMMA is the Securities and Exchange Commission-designated public repository for municipal disclosures. The board said authorized users can submit presale documents even before bonds receive Committee on Uniform Securities Identification Procedures numbers, or CUSIPs, and directed investors to EMMA’s presale page.
MuniOS has long dominated presale distribution. Bloomberg previously reported it captured about 72% of issuer use during the 2017 tax-reform surge, and ImageMaster has marketed its reach as more than 70% of the market. That concentration means even a short outage can slow deal preparation, scatter where investors find documents and complicate analysts’ due diligence.
Authorities have not said who is behind the attack, whether any information was stolen or when service will be restored. In the meantime, issuers that relied on MuniOS for centralized hosting and distribution lists are routing traffic to EMMA and, in some cases, to their investor relations pages to keep sales on track. Issuers without current MSRB accounts may need to register quickly to post documents directly.
