Massachusetts Municipal Wholesale Electric Company (MMWEC) over the weekend confirmed it notified at least 514 people of a January 2025 data breach that compromised Social Security numbers, taxpayer ID numbers, and financial account info.
Ransomware gang BlackSuit claimed responsibility for the attack, saying it stole “data of employees, partners, and people associated with the company from their private network.”
MMWEC has not verified BlackSuit’s claim. We do not know if MMWEC paid a ransom, how much BlackSuit demanded, or how attackers breached MMWEC’s network. Comparitech contacted MMWEC for comment and will update this article if it replies.
“On February 2, 2025, MMWEC discovered suspicious activity in its environment,” says the electric utility’s notice to victims. “The investigation determined that between January 25, 2025 and February 3, 2025, an unknown, unauthorized actor gained access to certain MMWEC
computer systems and accessed and/or acquired certain files stored on these systems.”
MMWEC is offering eligible victims 24 months of free credit monitoring through Experian. The deadline to enroll is October 31, 2025.
Who is BlackSuit?
BlackSuit is a ransomware gang that first emerged in April 2023. It has a history of attacking critical industries like healthcare, government, and education. It’s a private operation and doesn’t employ a ransomware-as-a-service business model. BlackSuit often extorts victims both for the decryption key to restore attacked systems and in exchange for not selling or publishing stolen data.
BlackSuit recently made headlines when its data leak and negotiation websites were seized by international law enforcement. Some experts say the group rebranded or spun off into Chaos, a newer ransomware strain.
Since May 2023, BlackSuit has taken credit for 69 confirmed ransomware attacks, plus 108 unconfirmed claims that haven’t been acknowledged by targeted organizations. About 2.9 million records were compromised in the confirmed attacks alone.
In 2025, BlackSuit attacked two other public organizations:
- Orangeville, Canada reported a Feburary 2025 attack claimed by BlackSuit
- Gloucester County, VA notified 3,527 people of a data breach claimed by BlackSuit
Ransomware attacks on US government
Comparitech researchers have logged 44 confirmed ransomware attacks on US government entities and public utilities, compromising 366,000 records.
Last week, the town of North Providence, RI reported a cyber attack for which ransomware group Medusa demanded $100,000.
Morgan County 911 in Alabama notified 1,804 people of a data breach claimed by Qilin.
Ransomware attacks on US government can both steal data and lock down computer systems. Government agencies, departments, and utilities must either pay a ransom or face extended downtime, permanent data loss, and putting customers at increased risk of fraud. For a utility like MMWEC, a ransomware attack could disrupt billing, customer service, payroll, and, in a worst-case scenario, the actual service provided.
About Massachusetts Municipal Wholesale Electric Company
MMWEC is a non-profit, public electric utility company jointly owned by 19 municipal utilities in the state. As a wholesaler, MMWEC buys power from generators and sells it to utility companies.
