The Mayor of St. Paul, the capital of Minnesota, has confirmed that the Interlock Rainmware Gang is responsible for a cyber attack that disrupted several systems and services of the city in July.
On 29 July, Minnesota Governor Tim Walz activated the National Guard in response to the Cripping Cyber attack affecting St. Paul digital services and important systems.
The city requested the Minnesota National Guard’s cyber protection assistance due to the impact of Cyber attack more than the incident reaction capacity of St. Paul.
“While many city services are available, some limited systems may be temporarily delayed or interrupted due to access. We appreciate your patience and understanding because we work to bring the system completely online,” the city They say,
“Online payments are currently unavailable. No late fees will be assessed during this period. Additional billing and service updates will be shared after the system is restored.”
The city is still working with local, state and federal partners to investigate the July attack and restore the functionality of the complete system, but says that emergency services are unaffected.
On Monday, Mayor Malvin Carter Confirmed The interlock ransomware group was behind the attack, saying that the incident does not affect the personal or financial information of the residents and the city refused to pay the ransom demand for the gang.
The ransomware gang added St. Paul’s city to its dark web portal earlier this week, claiming that they stole more than 66,000 files or more than 43 GB of data, some of which have now been published on the group’s leaked site.
The gang claimed, “A large part of the infrastructure was damaged, a lot of damage and damage were incorporated! The worst conditions were included in the residents whose data was compromised,” the gang claimed.
The interlock surfaced in September 2024 and since then, with focus on healthcare organizations, victims worldwide have been violated in various industry sectors.
The ransomware gang was previously associated with the clickfix attacks and malware attacks, in which he deployed a remote access trojan called Nodsanek on a network of several UK universities.
Recently, Interlock claimed responsibility for violating and stealing 1.5 terabytes from Davita, a Fortune 500 company specialized in kidney care, and to hack the catering health, a healthcare giant with over 120 outpatient facilities and more than 15,000 employees.
Prior to the St. Paul ransomware attack, CISA and FBI warned of increasing interlock ranges and sacks of this ranges and FBI, sharing mitigation measures to protect against the attacks of this ranges and gangs.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
