The state of Minnesota has activated the National Guard to assist the city of St. Paul after a massive cyberattack disrupted internal systems and city services. Officials described the city of St Paul cyberattack as a “deliberate, coordinated, digital attack” by hackers, prompting an emergency declaration and a full-scale response involving local, state, and federal agencies.
Governor Tim Walz announced that he had signed an executive order authorizing the deployment of the Minnesota National Guard’s cyber protection teams.
“The magnitude and complexity of the cybersecurity incident have exceeded the city’s response capacity,” the governor said. “The Minnesota National Guard’s cyber forces will collaborate with city, state, and federal officials to resolve the situation and mitigate lasting impacts. Above all, we are committed to protecting the safety and security of the people of Saint Paul.”
State of Emergency Declared
St. Paul Mayor Melvin Carter declared a state of emergency to streamline the city’s response and secure additional resources. The order authorizes the city’s Department of Emergency Management and the Office of Technology and Communications (OTC) to coordinate efforts with partner agencies.
“Protecting the integrity of our city’s digital infrastructure is critical to the safety and wellbeing of our residents and citywide operations,” Mayor Carter said. “While this security incident disrupted some of our internal systems, our top priority remains ensuring our emergency response continues without interruption.”
City officials said that in the early hours of July 25, cybersecurity monitoring systems detected suspicious activity on the city’s network. A rapid investigation confirmed that malicious actors were targeting St. Paul’s information systems. In an effort to contain the threat, officials proactively restricted access to affected networks and then initiated a full shutdown of internal systems.
Systems Shut Down to Contain City of St Paul Cyberattack
The shutdown due to city of St Paul cyberattack led to citywide service outages, including the loss of Wi-Fi in government buildings, disruptions to the library collection management system, and the temporary suspension of several internal applications. However, Mayor Carter emphasized that essential services, including public safety and emergency response, remain fully operational.
“This was not a system glitch or technical error,” Carter said during a press briefing. “This was a deliberate, coordinated digital attack, carried out by a sophisticated external actor—intentionally and criminally targeting our city’s information infrastructure.”
The Saint Paul city has activated its Emergency Operations Center to lead the response. According to OTC Director Jaime Wascalus, the city is working around the clock with the Minnesota Information Technology Services team, national cybersecurity partners, and federal law enforcement agencies, including the FBI, to investigate the incident.
“We are the victim of a serious crime,” Wascalus said. “In response, we have mobilized every available local, state, and federal partner to support our investigation and response efforts. We continue to assess this situation in real time.”
National Cybersecurity Support Mobilized
As part of the emergency response to city of St Paul cyberattack, the city has retained two national cybersecurity firms with extensive expertise in dealing with large-scale data breaches. These experts will support the restoration of systems, the strengthening of network defenses, and the investigation into the origin of the city of St. Paul cyberattack.
Mayor Carter confirmed that he had spoken directly with Governor Walz and formally requested the Minnesota National Guard’s support. “Their cybersecurity experts are now actively assisting us in securing, restoring, and rebuilding our digital infrastructure,” he said.
The National Guard’s cyber protection team is expected to provide additional technical capacity to speed up system recovery and reduce the risk of further compromise.
Ongoing Investigation
City leaders have not yet disclosed the identity of the attackers or their motives, citing the sensitivity of the ongoing investigation. They also said it is too early to confirm whether any sensitive data was accessed or stolen during the cyberattack on city of St. Paul.
“We are urging all city staff to take precautionary steps to safeguard their digital security, in both their professional and personal lives,” Carter said.
At press conference, Chief Information Security Officer Stefanie Horvath, Deputy Mayor Jaime Tincher, and Emergency Management Director Rick Schute joined Mayor Carter and OTC Director Wascalus to outline the coordinated effort underway. St. Paul Police Chief Axel Henry and Fire Assistant Chief Jeramiah Melquist also briefed the media on how emergency responders are adapting to service disruptions while maintaining readiness for public safety incidents.
Protecting Public Trust
Mayor Carter reiterated that maintaining the trust of residents is at the center of the city’s response. “From the very beginning of this incident, preserving our ability to deliver emergency services has been a top priority,” he said. “We remain focused on defending our systems, protecting our city, and upholding the trust of the people we serve.”
While most city systems remain offline as a precaution, officials said they are making progress in restoring critical functions. “This remains not only an ongoing investigation but an active and dynamic threat,” Carter said. “We are able to provide basic information about what has happened and the steps we are taking in response—but we will not speculate on the motivations of the threat actor or share specific details about the investigation at this time.”
Broader Impact
Cyberattacks targeting municipal governments have become increasingly common in recent years, often involving ransomware groups seeking financial gain or politically motivated actors attempting to disrupt essential services. Such cyberattacks can paralyze city operations and potentially expose sensitive data, making rapid response critical.
Governor Walz emphasized the state’s commitment to helping Saint Paul recover and prevent future attacks. “We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible,” he said.
City officials promised to continue providing updates as they work to assess the full scope of the breach, rebuild secure systems, and return to normal operations.
“This breach was intentionally caused by a criminal external threat actor,” Mayor Carter said. “We will not stop until we have restored our systems and ensured the safety and security of our city’s digital infrastructure.”
