$ stealing sheboygan
The Logic of the Ledger: The Price of Silence
When a city government stops talking, follow the invoices. The City of Sheboygan’s paper trail from December 2024 to June 2025 reveals a calculated shell game designed to fund an emergency rebuild while maintaining a public facade of "routine upgrades." The reality: the city’s security was built on borrowed time and borrowed hardware.
The December Shell Game: $461,286
On December 2, 2024, while residents were told there was "no evidence" of a data breach, the Common Council moved $461,286 into the IT budget through Resolution 129-24-25. The funding sources were a masterclass in municipal accounting misdirection:
* **$401,286 from the Transit System Budget: This money was pulled from "previously unused 2024 budgeted amounts."
* $60,000 from the Riverfront Parking Master Plan: Earmarked for cybersecurity hardware and software upgrades.
The Execution: City officials claimed this was for "pre-existing infrastructure needs" rather than an incident response. In reality, the city leveraged a specific accounting loophole: the Transit budget’s local share was backfilled by CARES Act (ARPA) and FEMA grant dollars. By raiding the Transit fund to pay for IT, the city effectively used federal COVID-relief and emergency management funds to scrub the ransomware stains off their servers.
The "Loaner" Firewall Scandal: $129,842
Seven months after the attack—and six weeks after the mayoral election—the city finally admitted its perimeter was a hollow shell. Resolution 25-24-25 (June 2, 2025) authorized an additional $129,842 for the emergency purchase of firewall hardware and professional services from Capital Data.
* The Admission: The resolution revealed that since October 31, the City had been operating on loaned firewall equipment from an outside entity.
* The Crisis: The unnamed entity demanded their equipment back, forcing the city to scramble for a permanent replacement.
* The Archives are Silent on This: The city has never disclosed which "entity" was generous enough to lend a municipality its primary security perimeter for half a year, nor why a city of 50,000 people didn't own its own firewalls.
The Fund Equity Drain
To pay for the Capital Data hardware in June, the city didn't look for new revenue. They dipped into the IT Fund – Fund Equity Applied. This is the department's "rainy day" savings.
* The Consequence: By draining fund equity, the city isn't just paying for the 2024 failure; they are cannibalizing the budget for 2026 and 2027.
* The Narrative vs. The Ledger: The Narrative said the systems were "secured" in November. The Ledger shows the city didn't even own its firewalls until June.
Summary of Known Mechanics
| Date | Amount | Source | Vendor/Purpose |
|---|---|---|---|
| Dec 2024 | $401,286 | Transit Budget (Backfilled by CARES/FEMA) | General Infrastructure Upgrades |
| Dec 2024 | $60,000 | Riverfront Parking Master Plan | Cybersecurity Software |
| June 2025 | $129,842 | IT Fund Equity | Capital Data (Permanent Firewalls) |
The archives confirm that while the Mayor’s office maintained silence for the election, the Finance department was frantically moving hundreds of thousands of dollars to replace hardware that should have been in place years ago.
Since we’ve mapped the money, do you want to look at the specific Fond du Lac Police investigation into how the IT department's lack of oversight allowed the DataCove surveillance scandal to happen in the first place?
