St. Paul Mayor Confirms Data Breach in Interlock System
▼ Summary
– The Interlock ransomware group published stolen employee data online after St. Paul, Minnesota, refused to pay their ransom demands.
– Approximately 43GB of data from St. Paul City Council systems, primarily from a Parks and Recreation shared drive, was leaked.
– The leaked files include varied, unsystematic content such as work documents, personal IDs, and even personal items like recipes.
– St. Paul is offering affected employees 12 months of credit monitoring and identity theft protection.
– Cybersecurity analysts observed the Interlock group updating its leak site with stolen data, claiming significant infrastructure damage.
St. Paul officials have confirmed a significant data breach involving city systems, with sensitive employee information now circulating online after failed ransom negotiations. The incident stems from an attack by the Interlock ransomware group, which recently published roughly 43GB of stolen data from St. Paul’s municipal networks.
Mayor Melvin Carter addressed the situation during a recent press briefing, clarifying that the compromised files originated from a shared network drive primarily used by the Parks and Recreation department. “This wasn’t a breach of critical city systems like payroll or licensing,” Carter emphasized. “The exposed data appears to be a mix of work-related documents, personal employee files, and miscellaneous items stored by staff over time, ranging from HR submissions to informal personal content.”
The city has responded by offering affected employees 12 months of credit monitoring and identity theft protection services. The announcement followed cybersecurity researchers’ discovery of the leaked data on Interlock’s dark web platform, which included sensitive details belonging to both municipal workers and residents.
In a defiant statement accompanying the stolen files, the ransomware group claimed the attack caused extensive infrastructure damage and financial losses. Authorities are now working to assess the full scope of the breach while urging vigilance among those potentially impacted. The incident underscores the growing risks faced by local governments as cybercriminals increasingly target public sector networks.
(Source: Infosecurity Magazine)
