The City of Saint Paul, Minnesota, suffered a major cyber attack, prompting Governor Tim Walz to deploy the National Guard, marking the first time the state has activated its Cyber Protection Unit in response to a digital threat.
Relatively small Saint Paul is Minnesota’s state Capital, with a population of just over 300,000. It is also the second largest city after Minneapolis, which attracted worldwide attention after the 2020 George Floyd protests.
According to city officials, St. Paul detected the cyber attack on July 25 after detecting “suspicious activity” on its internal systems. It responded swiftly by shutting down impacted systems to contain the incident.
St. Paul’s cyber attack disrupts critical services
St. Paul Mayor Melvin Carter stated that the cyber attack had “initiated a full shut down of our information systems as a defensive measure to contain the threat.”
He further explained that the shutdowns were necessary to “limit exposure, preserve system integrity, and protect sensitive information.” Mayor Carter also declared a state of emergency in response to the cyber attack.
According to the mayor, the incident was “a deliberate, coordinated digital attack, carried out by a sophisticated external actor—intentionally and criminally targeting our city’s information infrastructure.”
Meanwhile, the city has not provided an expected date of resolution. Currently, many affected digital services remain unavailable, a week after the cyber attack, suggesting that the attackers had deployed ransomware.
“This attack has all the signs of ransomware,” said Paul Bischoff, Consumer Privacy Advocate at Comparitech. “Ransomware attacks hit local governments all the time, from small rural counties to larger cities like St. Paul.”
Subsequently, the city must rebuild its digital systems afresh from data backups, if it had any, since paying a ransom was unlikely.
“While many city services remain available, some may be temporarily delayed or disrupted due to limited system access. We appreciate your patience and understanding as we work to bring systems fully back online,” the city stated.
Although the cyber attack disrupted several systems, including online payments, library, and recreation services, the city assured its residents that emergency services were unaffected.
However, local law enforcement officers resorted to using radios instead of digital systems to ensure public safety. Nevertheless, officials stated that the city does not face any major security threats.
“To be crystal clear, there is absolutely no problem with our emergency response,” Police Chief Axel Henry told reporters.
Local, state, and federal authorities are also collaborating to investigate the incident and restore impacted services. Minnesota Information Technology Services is also liaising with external technology vendors to respond to the cyber attack.
Nevertheless, government officials warned that the cyber attack had overwhelmed the state’s capabilities, suggesting that restoring the impacted systems could take longer.
“Unfortunately, the scale and complexity of this incident exceeded both internal and commercial response capabilities,” Gov. Walz stated.
National Guard Cyber Unit deployed
Subsequently, the Minnesota National Guard Cyber Unit was called in to assist the city in responding to the cyber attack and restore impacted services. The city’s Emergency Operations Center is also coordinating the whole-of-government response.
“The Minnesota National Guard’s cyber forces will collaborate with city, state, and federal officials to resolve the situation and mitigate lasting impacts,” Gov. Walz added.
As a result, thirteen members of the Minnesota National Guard’s Cyber Protection Unit were deployed to respond to the cyber attack.
Meanwhile, St. Paul is not the first American city to experience a crippling ransomware attack. Back in April 2025, the city of Abilene, Texas, was hit by a similar ransomware attack that disrupted its digital systems, forcing it to resort to manual systems.
