Nearly 70,000 impacted by ransomware attack on Sheboygan, Wisconsin

The Wisconsin city of Sheboygan warned about 67,000 people that a ransomware attack in October gave hackers access to their personal information. 

The city filed breach notification letters with regulators on Friday explaining that Social Security numbers, state IDs and license plate numbers were taken when hackers breached the city’s systems on October 31, 2024.

Officials in Sheboygan hired a cybersecurity firm to conduct an investigation that concluded on May 14 and confirmed that data was stolen. 

Sheboygan, which has about 50,000 residents, previously acknowledged that a ransomware gang had taken credit for the attack but said there was no evidence the hackers stole sensitive data. The attack was claimed in November by a gang called Chort, which shared screenshots of a list of file archives and demanded a ransom. 

The city reported the incident to law enforcement and said they were “incorporating their guidance” in their response to the incident. Officials said emergency services were still available in  but didn’t share any further updates after November 22.

One year of identity protection services will be provided to those affected, the city said in its breach notification letters. 

Sheboygan is one of several government bodies in Wisconsin to be targeted by ransomware gangs over the last two years. 

The Chort ransomware gang emerged in November 2024, claiming attacks on multiple state institutions including Kuwait’s Public Authority of Agriculture Affairs and Fish Resources, a public school in Georgia, and others. 

New York’s Hartwick College was also named on the gang’s leak site. The school confirmed it was attacked last October in breach notification letters sent last month to more than 4,800 victims.