ARTICLE AD BOX
St. Paul city officials say hackers who launched an attack on the city’s computer systems posted some of that data online, after the city refused to pay a ransom.
Mayor Melvin Carter said late Monday that what was posted is a tiny percentage of what’s kept on the city’s servers — about 43 GB, from more than 153 TB. The data appeared to be from a single shared network drive used by parks and recreation employees.
“These are not core city systems like payroll, permitting or licensing,” he said. “The contents are varied and unsystematic. They could include everything from work documents, copies of IDs submitted for HR or travel, or even personal items like recipes.”
At a news conference, Carter briefly described authorities’ interaction with the hackers, who used a variant of ransomware known as “Interlock.”
“We asked them to demonstrate what they had, and they — instead of demonstrating what they had — decided to end the conversation, which was an indication to us that they may not have thought that they had much by way of value,” he said.
Carter did not say how much ransom was sought. He said the decision to not pay the hackers also stemmed from the fact the city knew it likely could not be locked out of any of its data — and that it was in line with recommendations from cybersecurity officials, including the Minnesota National Guard and the FBI.
Carter said it’s possible the hackers might have more data than what was posted — so the city is offering a year of free credit monitoring and identity theft protection to all employees.
Some city services are still offline following the cyberattack, which was first detected in late July.
The city is completing in-person password resets for all workers — and installing more advanced security software, along with poring “through every server, every system, every application that we host, to ensure their integrity and their safety,” Carter said.
City officials said after that process is done, it takes time to bring systems and services back online.
English (US) ·