Overview
- St. Paul officials confirmed a sophisticated ransomware attack and said they shut down city networks instead of paying a ransom.
- Operation Secure St. Paul requires a global password reset for roughly 3,500 employees over the next three days to lock down systems.
- FBI agents and a Minnesota National Guard cybersecurity unit are leading forensic investigations that so far show no evidence of resident data exfiltration.
- Mayor Melvin Carter said critical systems will begin coming back online within a week after employee devices are inspected and secured.
- Non-emergency services such as library Wi-Fi and online payment portals have been offline for weeks and are set to be restored gradually following the security overhaul.