The City of North St. Paul experienced a cyberattack targeting its police department, potentially compromising sensitive data. The exact timing of the breach remains undisclosed, but the city council convened an emergency meeting to approve a $5,000 contract with the McDonald Hopkins law firm and Arete for forensic analysis, specifically investigating a business email compromise (BEC). While the city has cyber insurance to cover costs beyond the deductible, the incident follows a separate, ongoing crippling cyberattack on the neighboring City of St. Paul, which disrupted services for over a week. The North St. Paul attack’s scope is unclear, but the involvement of law enforcement data suggests risks to operational integrity, public trust, and potential exposure of sensitive information (e.g., case files, personnel records, or citizen data). The city’s proactive legal and forensic response indicates concerns over liability, regulatory compliance, and reputational damage, though no explicit confirmation of data exfiltration or ransomware has been reported.
TPRM report: https://www.rankiteo.com/company/city-of-north-st-paul
"id": "cit843090225",
"linkid": "city-of-north-st-paul",
"type": "Cyber Attack",
"date": "8/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Public Administration',
'location': 'North St. Paul, Minnesota, USA',
'name': 'City of North St. Paul',
'type': 'Municipal Government'}],
'description': 'The North St. Paul City Council held an emergency meeting to '
'address a cyberattack on the city’s police department that '
'may have compromised some data. The council approved a '
'contract with McDonald Hopkins law firm and Arete for '
'forensic analysis related to a business email compromise '
'investigation. The forensic analysis will cost at least '
'$5,000, with insurance expected to cover services beyond the '
'deductible. This follows a separate crippling cyberattack on '
'the nearby city of St. Paul, which remains unresolved over a '
'week later.',
'impact': {'data_compromised': 'Potential (unspecified data)',
'financial_loss': '$5,000 (forensic analysis cost, likely covered '
'by insurance beyond deductible)',
'systems_affected': ['Police department systems']},
'investigation_status': 'Ongoing (forensic analysis contracted)',
'references': [{'source': 'Local news report (emergency meeting coverage)'},
{'source': 'Related: St. Paul City Council extends local state '
'of emergency following cyberattack'},
{'source': 'Related: St. Paul says emergency services ‘fully '
'operational’ in wake of cyberattack'}],
'response': {'communication_strategy': 'Emergency city council meeting',
'incident_response_plan_activated': True,
'third_party_assistance': ['McDonald Hopkins (law firm)',
'Arete (forensic analysis)']},
'title': 'Cyberattack on North St. Paul Police Department with Potential Data '
'Compromise',
'type': ['Cyberattack', 'Business Email Compromise (BEC)']}