Published: July 29, 2025St. Paul, MN – July 29, 2025 — A massive cyberattack has crippled St. Paul’s digital infrastructure, prompting a state of emergency declaration and the activation of the Minnesota National Guard’s cyber protection team.
Mayor Melvin Carter described the incident as a “deliberate, coordinated digital attack” by sophisticated threat actors. Over the weekend, the city shut down internal networks, online services, and public Wi-Fi. By Tuesday, the breach had escalated beyond local capabilities—triggering emergency intervention by state and federal agencies.
Table of Contents
Statewide Response to a Citywide Crisis
Governor Tim Walz issued an executive order on Tuesday morning, labeling the attack “complex and serious.” He emphasized that the incident surpassed St. Paul’s resources and required immediate state and federal collaboration.
“We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible,” said Governor Walz. “Above all, we are committed to protecting the safety and security of the people of Saint Paul.”
The Minnesota National Guard’s cyber forces have been deployed and are now working with FBI agents, state IT officials, and federal cybersecurity agencies to investigate the breach and neutralize ongoing threats.
Citywide Systems Taken Offline to Contain the Breach
According to the Office of Technology and Communications, the attack was first identified on Friday morning via internal monitoring systems. Swift analysis confirmed a malicious, coordinated intrusion.
In response, the city shut down multiple digital services, including:
-
Public Wi-Fi in city buildings
-
Online payment systems
-
Library network access
-
Internal municipal operations systems
Officials confirmed that emergency services, including 911, remain fully operational. A partial list of functioning services is available on the city’s website.
Resident Data Exposure Appears Limited
At a Tuesday press conference, Mayor Carter reassured residents that the breach seems limited to internal city systems. He emphasized that while St. Paul holds minimal resident data, employee data may be impacted.
“While this security incident disrupted some of our internal systems, our top priority remains ensuring our emergency response continues without interruption,” said Carter.
He also urged city employees to take extra precautions with their personal information.
FBI Leads Ongoing Federal Investigation
The FBI is spearheading the investigation, working alongside federal cybersecurity experts and two private firms retained by the city. Although authorities haven’t disclosed the identity of the attackers or whether a ransom was involved, the nature of the breach resembles ransomware attacks.
Jaime Wascalus, Director of Technology and Communications, confirmed:
“The City of St. Paul is the victim of a serious crime. We’ve mobilized every available local, state, and federal partner to investigate and respond.”
Neighboring Systems Remain Safe—For Now
Ramsey County officials confirmed their systems remain secure but have restricted digital communication with St. Paul as a precautionary measure.
Implications for Municipal Cybersecurity Nationwide
This incident adds to the growing list of cyberattacks against local governments, many of which struggle with underfunded IT departments and outdated digital infrastructure.
Key Lessons for Other Cities:
-
Early Detection is Crucial: Proactive monitoring allowed officials to act before the breach spread.
-
System Isolation Works: Shutting down vulnerable systems helped contain the threat.
-
Collaboration Is Key: Rapid coordination across city, state, and federal agencies accelerated the response.
-
Transparency Builds Trust: Regular updates from city leaders helped maintain public confidence.
What’s Next for St. Paul?
As of July 29, city services have not yet been fully restored. Investigators are still assessing the extent of the damage and working to identify those responsible.
This attack underscores a harsh truth: no public agency is immune to cyber threats. Cities must now treat cybersecurity as a frontline public safety issue—requiring continuous monitoring, rapid response protocols, and robust cross-government collaboration.