Overview

• St. Paul officials confirmed a sophisticated ransomware attack and said they shut down city networks instead of paying a ransom.
• Operation Secure St. Paul requires a global password reset for roughly 3,500 employees over the next three days to lock down systems.
• FBI agents and a Minnesota National Guard cybersecurity unit are leading forensic investigations that so far show no evidence of resident data exfiltration.
• Mayor Melvin Carter said critical systems will begin coming back online within a week after employee devices are inspected and secured.
• Non-emergency services such as library Wi-Fi and online payment portals have been offline for weeks and are set to be restored gradually following the security overhaul.