A cybercriminal group called Inc over the weekend took credit for hacking the city of Meriden, Connecticut.
Meriden officials on February 17 reported several weeks of system disruptions including delayed water bills. Services at the city clerk and tax collector offices were still being restored over a month later.
Inc, a ransomware gang, claimed responsibility for the breach on its data leak website. To prove its claim, Inc posted sample images of what it says are documents stolen from Meriden.
Meriden officials have not acknowledged Inc’s claim and Comparitech cannot independently verify it. We do not know what data was compromised, how attackers breached Meriden’s network, if Meriden paid a ransom, or how much Inc demanded. Comparitech contacted Mayor Kevin Scarpati for comment and will update this article if he replies.
“The City of Meriden recently identified an attempted interruption of our internet services,” says Scarpati’s February 17 notice.
“This will not affect any emergency services provided to the city. However, non-essential services may be limited or altered until the internet is restored. ”
Who is Inc?
Inc is a ransomware group that first surfaced in July 2023 and targets a wide range of victims in healthcare, education, and government. Its methods involve spear phishing and exploiting known vulnerabilities in software. Once infected, Inc’s malware both steals data and locks down computer systems until a ransom is paid to unlock them.
Inc has claimed responsibility for 704 ransomware attacks since it began, and 175 of those were confirmed by the targeted organizations. Of those 175 confirmed, 25 attacks hit government entities.
Earlier this month, Inc took credit for hacking Namibia Airports Company, the state-owned operator of eight large airports in the country.
In 2026 to date, Inc has claimed 124 attacks, 11 of which have been confirmed by the targeted organizations.
Ransomware attacks on US government
Comparitech researchers have logged 10 confirmed ransomware attacks on US government entities in 2026 to date.
The Jackson County, IN sheriff recently confirmed it will not pay a ransom following an attack on its systems.
Foster City, CA just restored phone and email connectivity following a ransomware attack that began in the middle of March.
Similar attacks were reported in Passaic County, NJ; Midway, FL; Winona County, MN; New Britain, CT; Tulsa International Airport, OK; Huntington, WV; and Hart, MI.
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Governments must pay a ransom for the stolen data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About Meriden, CT
Meriden is a city in New Haven County, Connecticut between New Haven and Hartford. It’s home to more than 60,000 people.
