• Home
  • cyber
  • Kent District Library, Michigan, Adams County and Mississippi: Sandstone, MN says SSNs and financial info compromised in ransomware data breach
cyber Ransomware

Kent District Library, Michigan, Adams County and Mississippi: Sandstone, MN says SSNs and financial info compromised in ransomware data breach

Apr 8, 2026 2 min read
Kent District Library, Michigan, Adams County and Mississippi: Sandstone, MN says SSNs and financial info compromised in ransomware data breach

Sandstone, MN Hit by Qilin Ransomware Attack in April 2026

The city of Sandstone, Minnesota, disclosed a ransomware attack in April 2026 that exposed sensitive resident data, including names, Social Security numbers, financial account details, addresses, and dates of birth. The breach was detected on or around April 8, 2026, after city officials identified disruptions in their computer systems. While Sandstone confirmed the incident as a ransomware attack, it has not verified claims by the cybercriminal group Qilin, which took responsibility for the breach on May 4, 2026.

Qilin, a Russia-based ransomware-as-a-service (RaaS) operation active since late 2022, has been linked to 557 claimed attacks in 2026 alone, with 46 confirmed by targeted organizations. The group primarily uses phishing emails to deploy its malware and has increasingly targeted government entities. In 2026, Qilin has been tied to eight confirmed attacks on government bodies, including three in the U.S.: Tulsa International Airport (January 2026), Seal Beach, CA (March 2026), and Rusk County, WI (March 2026).

Sandstone is offering affected residents free credit monitoring but has not disclosed whether a ransom was paid, the amount demanded, or the initial attack vector. The city, home to roughly 2,500 people, joins a growing list of U.S. government entities hit by ransomware in 2026. Comparitech researchers have documented 22 confirmed ransomware attacks on U.S. government organizations this year, including recent incidents in Winona County, MN; Kent District Library, MI; Ardmore, OK; Adams County, MS; and Harrison County, WV.

Ransomware attacks on government systems can disrupt critical services from emergency dispatch to court records while exposing residents to fraud risks. Organizations face the choice of paying ransoms to recover data or risking prolonged downtime and permanent data loss.

Source: https://www.comparitech.com/news/sandstone-mn-says-ssns-and-financial-info-compromised-in-ransomware-data-breach/

Kentec Electronics cybersecurity rating report: https://www.rankiteo.com/company/kentec

Adams County Government cybersecurity rating report: https://www.rankiteo.com/company/adams-county

"id": "KENADA1779906402",
"linkid": "kentec, adams-county",
"type": "Ransomware",
"date": "4/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '2,500 residents',
                        'industry': 'public administration',
                        'location': 'Sandstone, Minnesota, USA',
                        'name': 'City of Sandstone, Minnesota',
                        'size': 'small (2,500 residents)',
                        'type': 'government'}],
 'attack_vector': 'phishing emails',
 'customer_advisories': 'free credit monitoring offered to affected residents',
 'data_breach': {'data_encryption': 'yes',
                 'personally_identifiable_information': 'names, Social '
                                                        'Security numbers, '
                                                        'addresses, dates of '
                                                        'birth',
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': 'personally identifiable '
                                             'information, financial account '
                                             'details'},
 'date_detected': '2026-04-08',
 'date_publicly_disclosed': '2026-05-04',
 'description': 'The city of Sandstone, Minnesota, disclosed a ransomware '
                'attack in April 2026 that exposed sensitive resident data, '
                'including names, Social Security numbers, financial account '
                'details, addresses, and dates of birth. The breach was '
                'detected on or around April 8, 2026, after city officials '
                'identified disruptions in their computer systems. The '
                'cybercriminal group Qilin took responsibility for the breach '
                'on May 4, 2026.',
 'impact': {'brand_reputation_impact': 'potential reputational damage to the '
                                       'city',
            'data_compromised': 'Sensitive resident data, including names, '
                                'Social Security numbers, financial account '
                                'details, addresses, and dates of birth',
            'identity_theft_risk': 'high',
            'operational_impact': 'disruptions in city services',
            'payment_information_risk': 'high',
            'systems_affected': 'city computer systems'},
 'investigation_status': 'ongoing',
 'motivation': 'financial gain',
 'ransomware': {'data_encryption': 'yes', 'ransomware_strain': 'Qilin'},
 'references': [{'source': 'Comparitech'}],
 'response': {'communication_strategy': 'offering free credit monitoring to '
                                        'affected residents'},
 'threat_actor': 'Qilin',
 'title': 'Sandstone, MN Hit by Qilin Ransomware Attack',
 'type': 'ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.