Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
City of Saint Paul

City of Saint Paul Vendor Cyber Rating & Cyber Score

stpaul.gov

Life in Saint Paul flows deep with tradition, wide with talent and diversity, and strong with economic and cultural vitality. Incorporated in 1845, the City of Saint Paul is a place of opportunity, offering an amazing array of career paths. As an employer, the City of Saint Paul is a leader in promoting inclusion and equity, preserving culture and traditions, and providing quality public services. With more than 600 job classifications from 16 operating departments and nearly 3,000 employees, you can find your next career with us. The City of Saint Paul’s mission is to integrate equity and inclusion into how we approach all our work. Our vision is to be committed to building an equitable and inclusive city that will shift culture in city


CSP A.I CyberSecurity Scoring

CSP
Company Information
Website:http://www.stpaul.gov/jobs
Employees number:1,421
Number of followers:11,775
NAICS:92
Industry Type:Government Administration
Homepage:stpaul.gov
CSP Risk Score (AI oriented)
Between 0 and 549
logo
CSPGovernment Administration
Updated:
31/03/2026
239/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CSP Global Score (TPRM)
xxxx
logo
CSPGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CSP
CSPCritical
Current Score
239C (CRITICAL)
01000
4 incidents
-242 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
288Before Incident
JUNE 2026
282Before Incident
MAY 2026
264Before Incident
APRIL 2026
254Before Incident
MARCH 2026
229Before Incident
FEBRUARY 2026
215Before Incident
JANUARY 2026
210Before Incident
DECEMBER 2025
182Before Incident
NOVEMBER 2025
176Before Incident
OCTOBER 2025
162Before Incident
SEPTEMBER 2025
150Before Incident
AUGUST 2025
374Before Incident
Ransomware
15 Aug 2025CSP
City of St. Paul

Ransomware Attack on the City of St. Paul, Minnesota

132After Incident
CRITICAL-242
CIT638081725
The City of St. Paul experienced a ransomware attack that disrupted critical municipal services for nearly three weeks. Hackers, attributed to a known cybercriminal group, breached the city’s systems and exfiltrated data, including work documents and copies of IDs belonging to Parks and Recreation employees. While the mayor confirmed no critical personal data of city employees or the public was accessed, the attack forced a system-wide shutdown, requiring over 3,000 employees to reset digital credentials. Online payment services for utilities (water, garbage) and department customer service lines were temporarily disabled, though later restored. The Minnesota National Guard’s cyber team was deployed to assist recovery, and the city remains in an active recovery phase with no confirmed timeline for full restoration. Financial costs and potential long-term reputational damage are still being assessed, with the mayor stating expenses will be disclosed post-recovery. The incident underscores vulnerabilities in government cybersecurity, prompting warnings for other entities to bolster defenses against similar threats.
INCIDENT DETAILS -
TYPE
CyberattackRansomware
MOTIVATION
Financial (ransomware)Data theftDisruption
IMPACT
Financial Loss: Undisclosed (to be shared post-recovery)Work documentsCopies of IDs (parks and rec employees)Online payment services (water, garbage)Customer service linesDigital credentials (3,000+ employees)City IT infrastructureDowntime: Ongoing (as of early August 2023, 'active recovery' phase)Disruption of city servicesCredential reset process for employeesSystem cleanup and restorationBrand Reputation Impact: Potential reputational damage due to public disclosure of breach and data leaksIdentity Theft Risk: Moderate (IDs of parks and rec employees exposed)
DATA BREACH
Employee work documentsCopies of employee IDsSensitivity Of Data: Moderate (IDs and internal documents)Data Exfiltration: Confirmed (hackers released some data online)Data Encryption: Likely (ransomware attack)DocumentsID scans/imagesPersonally Identifiable Information: Yes (employee IDs)
JULY 2025
562Before Incident
Ransomware
01 Jul 2025CSP
City of St. Paul, Minn.

Cyberattack on the City of St. Paul, Minnesota, and Aspen Policy Academy

359After Incident
CRITICAL-203
CIT2662626112525
The City of St. Paul, Minnesota, suffered a deliberate, coordinated ransomware attack in late July 2025, attributed to the ransomware group Interlock. The attack disrupted critical municipal services, forcing a complete shutdown of information systems, including Wi-Fi in public buildings, library services, and internal networks. Emergency services like 911 remained operational, but over 3,500 employees had to reset credentials in person. The attackers leaked 43 GB of stolen data from multiple files and folders, though the city refused to pay the ransom, opting for backup restoration instead. Recovery prioritized public safety, financial stability, and daily operations, with over 90% of systems upgraded with advanced security tools post-incident. The attack overwhelmed the city’s response capacity, prompting Minnesota Governor Tim Walz to activate the National Guard’s cyber protection unit for support. The incident highlighted vulnerabilities in municipal cybersecurity, including outdated legacy systems and insufficient IT resources, despite no direct evidence of data misuse beyond the leak.
INCIDENT DETAILS -
TYPE
CyberattackRansomwarePhishing
MOTIVATION
Financial gain (ransomware), data exfiltration
IMPACT
Data Compromised: 43 GB (City of St. Paul); 1 business account (Aspen Policy Academy)Municipal information systems (City of St. Paul)Wi-Fi in public buildingsLibrary servicesInternal networksBusiness account (Aspen Policy Academy)Downtime: Ongoing as of late August 2025 (partial restoration in prioritized order: public safety → financial stability → daily operations)Complete shutdown of municipal IT systemsWi-Fi outagesLibrary service interruptionsCredential resets for 3,500 employeesDisruption of internal networksBrand Reputation Impact: Potential reputational damage due to public service disruptions and data breachIdentity Theft Risk: High (due to sensitive citizen data exposure)
DATA BREACH
Sensitive citizen data (City of St. Paul)Business account credentials (Aspen Policy Academy)Sensitivity Of Data: High (municipal citizen data; potential PII)Data Exfiltration: Yes (43 GB leaked by Interlock)Data Encryption: Yes (ransomware encryption likely)Personally Identifiable Information: Likely (municipal data)
JUNE 2025
730Before Incident
Ransomware
13 Jun 2025CSP
City of Peabody, Massachusetts, Box Elder County, Utah, City of St. Paul and Minnesota: Peabody, MA warns 48,000+ people of data breach that leaked SSNs, finances

Peabody, MA Hit by Interlock Ransomware Attack Affecting 48,000 Residents

560After Incident
CRITICAL-170
DBMCITCIT1770832987
Peabody, MA Hit by Interlock Ransomware Attack Affecting 48,000 Residents The city of Peabody, Massachusetts, confirmed a June 2025 data breach exposing sensitive information of 48,004 state residents, including Social Security numbers, financial account details, and driver’s licenses. The ransomware group Interlock claimed responsibility, alleging it stole 124 GB of data from Peabody’s government network. However, city officials have not verified the group’s claims, and details about ransom demands or the attack’s entry point remain undisclosed. Peabody detected the breach on July 7, 2025, after discovering inaccessible systems. Investigations revealed unauthorized access between June 13 and July 8, 2025, during which attackers exfiltrated data. Affected individuals were notified and offered free credit monitoring through IDX, with an enrollment deadline of May 5, 2026. About Interlock Emerging in October 2024, Interlock is a ransomware gang known for dual-extortion tactics stealing data and encrypting systems before demanding payment. Since its inception, the group has claimed 41 confirmed attacks, plus 48 unverified incidents. In 2025 alone, Interlock targeted six government entities, including: - West Lothian Council (UK) – May 2025 breach - St. Paul, MN – July 2025 breach (refused ransom) - Box Elder County, UT – August 2025 breach (81,664 affected) - Shelbyville Police Department (KY) – October 2025 breach - Fargo Park District (ND) – October 2025 breach Broader Impact on U.S. Government Entities In 2025, 82 confirmed ransomware attacks on U.S. government bodies compromised data for over 630,000 individuals. Recent incidents include breaches at Midway, FL; Winona County, MN; New Britain, CT; and Tulsa International Airport (OK). Such attacks disrupt critical services from emergency dispatch to court records while forcing agencies to weigh ransom payments against prolonged downtime and fraud risks. Peabody, a coastal city of 55,000 residents in Essex County, joins a growing list of municipalities grappling with ransomware threats.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain (ransom)
IMPACT
Data Compromised: Sensitive personal information (Social Security numbers, financial account details, driver’s licenses)Systems Affected: Peabody’s government networkOperational Impact: Disruption of city servicesBrand Reputation Impact: Negative impact on city's reputationIdentity Theft Risk: High (due to exposed PII)Payment Information Risk: High (financial account details exposed)
DATA BREACH
Social Security numbersFinancial account detailsDriver’s licensesNumber Of Records Exposed: 48,004Sensitivity Of Data: High (Personally Identifiable Information)Data Exfiltration: 124 GB (alleged by Interlock)Personally Identifiable Information: Yes
JUNE 2019
765Before Incident
Ransomware
16 Jun 2019CSP
City of St. Paul, MN (Local Government)

Ransomware Attack on St. Paul, Minnesota (July 2025)

640After Incident
CRITICAL-125
CIT850081825
In late July 2025, the City of St. Paul, Minnesota, suffered a ransomware attack that disrupted critical municipal services, though emergency response and public utilities remained operational. The incident was initially labeled a 'digital security incident' to avoid premature speculation, but it was later confirmed as ransomware. The attack aligns with a rising trend of cyber threats targeting local governments, exploiting vulnerabilities like outdated infrastructure, budget constraints, and understaffed IT teams. While the immediate financial ransom demand was not disclosed, historical cases (e.g., Baltimore’s 2019 RobbinHood attack with $18.2M recovery costs) suggest potential long-term expenses in system restoration, consulting fees, and lost revenue. The attack underscored the need for zero-trust security, pre-planned recovery strategies, and transparent public communication to mitigate operational disruptions and erosion of public trust. No evidence of data exfiltration was explicitly mentioned, but the outage risked delays in non-emergency services like billing, permits, and public records.
INCIDENT DETAILS -
TYPE
RansomwareCyber Attack
IMPACT
City services (non-emergency)Potential disruption to billing, permits, or public recordsDisruption of non-emergency city servicesPotential delays in projects due to system outagesPotential erosion of public trustNeed for transparent communication to mitigate reputational damage
DATA BREACH
Likely (given ransomware nature)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CSP ?
?
What was CSP's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CSP's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CSP's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CSP's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CSP's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CSP's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CSP's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CSP ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CSP's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?