Minnesota Governor Tim Walz has deployed the state’s National Guard cyber specialists after Saint Paul became the latest major American city to fall victim to a devastating cyberattack that forced officials to completely shut down government networks and disrupt essential services for more than 300,000 residents.
The attack, which began Friday and persisted through the weekend, represents one of the most significant cyber incidents to strike a major U.S. city in 2025, prompting unprecedented emergency measures as officials scramble to restore critical systems while protecting sensitive data from further compromise.
Emergency response mobilized
Governor Walz signed an executive order activating the Minnesota National Guard’s cyber forces, marking a rare deployment of military cyber specialists to assist with civilian infrastructure recovery. The decision underscores the severity of the digital assault on the state’s capital city.
The National Guard’s cyber units will work alongside city officials, state technology experts, and federal agencies to assess the damage and restore compromised systems. This collaborative approach reflects the complex nature of modern cyberattacks that often require resources beyond what individual municipalities can provide.
Saint Paul officials described the incident as a deliberate and sophisticated assault carried out by external criminal actors who specifically targeted the city’s digital infrastructure. The attack’s complexity and scale overwhelmed both internal city resources and commercial cybersecurity vendors brought in to assist with the response.
Citywide service disruptions
The cyberattack forced Saint Paul to implement what Mayor Melvin Carter called a “defensive measure” by shutting down government networks to prevent hackers from accessing additional systems. This precautionary step has created widespread disruptions across city operations.
Residents are experiencing significant inconveniences as the city works to contain the breach. Wi-Fi access has been disabled in all municipal buildings, including libraries and recreation centers that serve as community gathering spaces. Online payment systems for utilities and other city services remain offline, though officials have assured residents they will not face late fees during the outage.
Emergency services continue operating normally, with 911 systems functioning as expected. City officials have established alternative communication channels and provided temporary email addresses for residents reporting storm damage and other non-emergency matters.
Government employee data at risk
Mayor Carter expressed particular concern about the potential exposure of government employee information, noting that city databases contain extensive personnel records. However, he emphasized that the city maintains relatively limited data on general residents, potentially reducing the overall impact on the broader community.
The mayor’s focus on employee data highlights a growing trend in cyberattacks targeting municipal governments, where personnel records often contain social security numbers, addresses, salary information, and other sensitive details that can be valuable to cybercriminals.
City officials have not confirmed whether they received any ransom demands, and Carter stated during a press conference that he was unaware of any such communications. This uncertainty adds to concerns about the attackers’ ultimate objectives and whether the incident involves ransomware or other malicious activities.
Pattern of regional cyber threats
Saint Paul’s ordeal follows a troubling pattern of cyberattacks targeting Minnesota communities and organizations. In November, the neighboring city of Minneapolis experienced a ransomware attack that disrupted park and recreation services, demonstrating the ongoing vulnerability of municipal systems across the Twin Cities metropolitan area.
Earlier this year, a prominent Native American tribe in Minnesota warned residents about a separate cyber incident that impacted local government services, further illustrating the widespread nature of digital threats facing communities throughout the state.
These incidents reflect a broader national trend of cybercriminals increasingly targeting local government entities, which often lack the robust cybersecurity infrastructure of larger corporations or federal agencies.
Recovery efforts underway
The activation of National Guard cyber specialists represents Minnesota’s commitment to restoring normal operations as quickly as possible while ensuring the security of sensitive information. Governor Walz emphasized the state’s dedication to protecting Saint Paul residents and maintaining essential city services during the recovery process.
Cybersecurity experts note that recovery from sophisticated attacks can take weeks or months, depending on the extent of system compromise and the need to rebuild digital infrastructure from secure backups. The involvement of multiple agencies suggests officials are taking a comprehensive approach to both immediate recovery and long-term security improvements.
As Saint Paul continues working to restore full operations, the incident serves as a reminder of the growing cyber threats facing American communities and the importance of robust digital security measures for protecting essential government services that residents depend on daily.