A ransomware gang called Obscura over the weekend took credit for a September 2025 cyber attack on Michigan City, Indiana.
Michigan City officials on October 9, 2025 confirmed a ransomware attack compromised city data and disrupted municipal employee’s online and telephone access.
In a post on its data leak site, Obscura says it stole 450 GB of data from Michigan City, and that the deadline to pay the ransom expired. The attack claim was originally posted on September 28, 2025, but Obscura didn’t reveal Michigan City as the target until now.
Michigan City officials have not verified Obscura’s claim. We do not know what data was compromised, how attackers breached the city’s network, if Michigan City paid a ransom, or how much Obscura demanded. Comparitech contacted Michigan City officials for comment and will update this article if they reply.
“Mayor Angie Nelson Deuitch informed the Michigan City Common Council on Tuesday that the city’s focus is on safely restoring systems and ensuring critical city operations continue to function,” the city said in the October 9 update. “Law enforcement is involved, making the matter an active investigation and limiting what the city can share publicly at this stage.”
Who is Obscura?
Obscura is a new ransomware group that started posting attack claims to its data leak site last month. The attack on Michigan City is the group’s first attack claim acknowledged by the targeted organization.
Obscura’s other claims entail attacks on a German government entity and The Fixing Company, an Irish building supply store that disclosed computer and phone disruptions early last month.
Once a network is infected, Obscura’s malware both steals data and locks down computer systems. Obscura then demands a ransom to restore systems and secure stolen data.
Ransomware attacks on US government
Comparitech researchers have logged 64 confirmed ransomware attacks on US government entities in 2025 to date, plus 42 unconfirmed attack claims that haven’t been acknowledged by the targeted organizations.
In September, ransomware gang Qilin took credit for confirmed attacks on the Orleans Parish Sheriff’s Office (LA), the town of Waxhaw (NC), and Lake Haven Water & Sewer District (WA).
Last month, three US cities issued data breaches notices for ransomware attacks that took place earlier this year:
- Vienna, VA notified 811 people of an August 2025 data breach claimed by ransomware group Cephalus
- Union county, OH notified 45,487 people of a May 2025 data breach caused by a ransomware attack
- St. Joseph, MO notified 11,538 people of a June 2025 data breach caused by a ransomware attack
Ransomware attacks on government entities can both steal data and lock down computer systems. They can disrupt any number of government systems from bill payments to court records and even emergency dispatch. Organizations must pay a ransom for the stolen data and to restore systems, or else they face extended downtime, permanent data loss, and putting data subjects at increased risk of fraud.
About Michigan City, Indiana
Michigan City is home to more than 32,000 people in LaPorte County, Indiana, on the border of Lake Michigan.
