St. Paul , Minnesota, is urging residents to beware of fraudulent invoices amid a persistent St. Paul Cyberattack that has disrupted city services and forced the city to disable key digital infrastructure.
City Services Disrupted Amid Ongoing Cyber Crisis
The city of St. Paul entered its second week battling a “deliberate, coordinated digital attack” that has paralyzed several of its internal systems. Officials confirmed the St. Paul Cyberattack was first discovered on July 25, and since then, critical services such as online payment portals for water bills have been shut down as a precaution. Emergency services, including 911, remain operational, and residents can still pay for trash collection without issue.
To protect the integrity of city systems and prevent further breaches, St. Paul’s IT team proactively disabled multiple online portals. However, a new threat emerged over the weekend: fraudulent invoices impersonating the city.
“Please do not click on any links or email attachments if you are unsure of their origin,” the city warned in an alert posted on its website.
National Guard Joins Response; Residens Urged to Stay Vigilant
The Minnesota National Guard has been activated to support St. Paul’s response—marking the first time the state has deployed cyber resources in such a capacity. Lieutenant Colonel Brian Morgan, who directs cyber coordination for the Guard, stressed the severity of the situation and the evolving nature of cyber threats.
“Every user needs to be on guard all the time,” said Morgan. “These attacks are increasingly sophisticated, especially with the rise of AI-powered tools that can convincingly mimic legitimate users or executives.”
Mayor Melvin Carter addressed St. Paul Cyberattack concerns regarding data privacy, stating that the risk to residents’ personal data is believed to be low, as the city stores minimal sensitive information on residents. However, he acknowledged the uncertainty surrounding employee data, urging city staff to reset stored passwords and adopt stronger online security practices.
Cybersecurity expert Jonathan Wrolstad, who teaches at the University of Minnesota and previously advised the federal government, echoed the need for cautious digital behavior. He emphasized the risk of password reuse across multiple platforms—a common vulnerability exploited by hackers.
“If one site is compromised and you’ve reused that password elsewhere, you’re giving them access to everything,” Wrolstad said. “Use unique passwords for each platform.”
Timeline for Recovery Remains Unclear
Despite immediate action from St. Paul’s IT department, many core services remain offline. Wrolstad voiced concern over the extended disruption, saying that the longer systems remain inaccessible, the more severe the breach may be.
“The thing that concerns me the most right now is just the amount of time that’s gone by,” he said. “Usually, basic services are restored more quickly.”
Mayor Carter emphasized the need for caution over speed. “We would make the problem worse by trying to race to get systems back up before we can have the surety that we need,” he said.
Morgan noted that recovering from a breach of this scale requires extensive time and resources—far beyond what most local government IT departments are equipped to handle. “It takes a lot of energy, and local IT departments just aren’t staffed to recover and manage this kind of event in a reasonable time frame without outside support,” he explained.
At this time, St. Paul Cyberattack officials have not provided a firm estimate on when systems will be restored, underscoring the seriousness of the cyber threat and the ongoing need for public caution.
Also Read : – Cyberattack Cripples Saint Paul: City Declares Emergency, National Guard Deployed
