

Several city-only services remain offline as St. Paul, Minnesota, continues to fend off hackers who breached the city’s systems in a “deliberate, coordinated digital attack.” And officials said residents should be on alert for phony bills.
The cyberattack entered its second week on Monday, after officials said they discovered the threat on July 25. Emergency 911 operations are working, but online payment systems for city services like water bills are down. IT staff took that step in response to the attack. Residents can still pay for trash services without issues.
The city, on its website, warned that there are fraudulent invoices claiming to be from the city when they are not.
“Please do not click on any links or email attachments if you are unsure of their origin,” a statement on its page about the attack reads.
Lieutenant Colonel Brian Morgan, director of cyber coordination for the Minnesota National Guard, which is helping the city respond, said users are at a disadvantage to bad actors whose crimes are becoming more advanced. He says they need just one opportunity to take down systems.
“Every user needs to be on guard all the time, basically. That’s the bottom line,” Morgan said. “The attacks and the vectors, as we call them, are getting more and more sophisticated, especially with the development of artificial intelligence tools and abilities to seem like you’re an authentic user or an executive of some sort. It really puts the user in a position of disadvantage.”
Mayor Melvin Carter told reporters on Thursday that officials believe the threat of residents’ personal data being compromised is “low” because the city maintains little sensitive information about the people who live there.
He said it’s unclear if any employee data was breached.
“We also are not at the point yet where we have been able to completely rule that out, which is why we have advised our city staff to take protective measures with regard to their own digital identity and footprints,” Carter said. “That includes resetting passwords that may be stored on their browsers — better yet, not storing passwords on their browsers and taking protective measures regarding their own financial identity as well online.”
Jonathan Wrolstad, who teaches cybersecurity at the University of Minnesota and once advised the federal government on cyber threats, suggested not using the same password for multiple websites and platforms.
“What the hackers are doing now is they’re building a database of all of our usernames and passwords, and then they’re hoping that you’re going to reuse those usernames and passwords across different websites,” Wrolstad told WCCO. “I tell people, ‘Don’t reuse passwords between different websites,’ because if one gets compromised, they can all get compromised, so that can be bad.”
Wrolstad said he doesn’t know any information beyond what has been shared publicly, but that he estimates the breach was “severe.” He believes the city IT staff appeared to act quickly and responsibly when they initially learned of the “suspicious activity” that prompted their response.
“The thing that concerns me the most right now is just the amount of time that’s gone by. Usually, most organizations are able to get basic services up and running in a shorter amount of time,” he explained.
Morgan said some responses take time and significant resources. It’s why Gov. Tim Walz activated the National Guard for its first cyberattack in the state.
“It takes a lot of time to build a network. It takes a lot of time to run a network. It takes a lot of energy, and local IT departments just aren’t staffed to be able to recover and manage this kind of event with any sort of reasonable time frame, typically without outside support. In this case, we are part of that outside support,” Morgan said.
It is unclear when the city services will be up and running again.
“We would make the problem worse by trying to race to get systems back up before we can have the surety that we need,” Carter told reporters last week.
Note: The above video first aired on July 30, 2025.
Caroline Cummings is an Emmy-winning reporter with a passion for covering politics, public policy and government. She is thrilled to join the WCCO team.