Cyber Incident Victim: Ypsilanti Community Utilities Authority
Date: Apr 2022
Location: United States of America
Summary
A ransomware attack detected by an employee during overnight operations potentially compromised bank payment details of approximately 2,000 utility customers in the Ypsilanti area and surrounding townships. The incident exposed sensitive financial information, though the utility authority reported no known instances of identity fraud or misuse of the affected data at the time of notification.
Description
A ransomware infection at the Ypsilanti Community Utilities Authority was detected by an employee working the midnight shift on April 16, 2022. The incident potentially exposed bank payment information belonging to approximately 2,000 utility customers in the Ypsilanti area and surrounding townships. The utility authority confirmed the breach occurred through unauthorized access facilitated by the ransomware attack, though the specific strain of ransomware and initial attack vector were not disclosed in public communications. No evidence suggested the attackers exfiltrated data beyond the compromised payment systems, but the breach created a risk of financial fraud due to the exposure of direct banking details. The organization did not publicly confirm whether ransom demands were made or if negotiations occurred. Internal detection by staff triggered an immediate investigation, though the timeline between detection and full containment was not detailed in available reports.

The Ypsilanti Community Utilities Authority notified affected customers via mailed letters in early August 2022, nearly four months after the incident. These letters acknowledged the potential compromise of bank information but stated no instances of identity fraud or misuse had been reported at the time of notification. The utility did not disclose whether third-party cybersecurity firms assisted in remediation or whether system upgrades were implemented post-incident. Impacted customers were advised to monitor bank accounts but were not offered complimentary credit monitoring services, as no personally identifiable information beyond banking data was confirmed to be exposed. The delay between the April detection and August notification was not explained in the public statement, leaving the investigation duration and system restoration efforts unclear. No regulatory fines or legal actions were reported in connection with the breach as of the latest disclosures.
