Cyber Incident Victim: Midland Information Technology Consortium

On October 20, 2022, the Midland Information Technology Consortium (MITCON) suffered a ransomware attack disrupting internet, email, and phone services for its 85 partner organizations, most of which are nonprofits. The attack caused immediate operational interruptions across MITCON’s network, though no specific ransom demand was disclosed publicly. Midland Business Alliance President and CEO Tony Stamas confirmed on November 4, 2022, that internet, email, and phone services had been restored to all partners and that the network was deemed secure again. Full restoration efforts remained ongoing as of the November 8 article publication date, with some aspects dependent on an active international forensics investigation. The Midland Police Department participated in the inquiry, which was characterized as lengthy due to its cross-border scope. No threat actor group or attack vector was identified in available reporting.

The incident triggered a coordinated response involving digital forensics specialists and law enforcement agencies across multiple jurisdictions. MITCON’s leadership publicly acknowledged the team’s handling of the crisis, with Stamas contextualizing the attack amid a 78% global increase in ransomware incidents during 2021. While service restoration mitigated immediate operational impacts, the forensic investigation continued to determine the attack’s origin, methods, and potential data compromises. Criminal charges, if pursued, would focus on felony fraud and computer hacking violations. No evidence suggested data exfiltration or secondary attacks following the initial compromise. The consortium maintained public communication regarding service recovery milestones but did not disclose technical specifics of the attack or remediation measures, citing the ongoing investigation.