Minnesota Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Minnesota.jpg
 

Public Safety

Minnesota Judicial Branch & Hennepin County

Breach Type - Hack

Star Tribune

  • 46yr old man (John Kelsey Gammell) paid hacking services to bring down web networks
  • Including Minnesota Judicial Branch & Hennepin County
  • Paid monthly subscription fees for DDoS attacks
  • "Hacker-for hire" services available on the dark web, Gammell's preferred service called "vDos"
  • Israel based operators
Read More
Star Tribune

  • Gammell's attacks targeted and hit Hennepin County Sherriff's office
  • Gammell pleaded guilty to all charges
Read More

 
BACK TO TOP

Local Government

Minneapolis Mayor Official Email, Hennepin County  

Breach Type – Phishing, Other

 
   
Washington Times
 
 
  • Minnesota mayor was victim of phishing cyberattack, which compromised his official city email address
  • Local news outlets received emails asking recipients to open suspicious attached PDF file
  • Emails enticed potential victims with fictitious business proposal from city
  Read More
     

 
 
Dakota County Social Services Department, Dakota County

Breach Type - Phishing, Data Breach

Data Breaches

  • The county had discovered that there had been unauthorized access to one of its employee’s emails
  • Following the compromise, the county made sure to replace all active passwords and add authentication
  • Around 1,000 people may have been exposed with sensitive personal information
Read More

 
Minnesota Department of Human Services

Breach Type - Phishing, Data Breach

Star Tribune

  • A data breach may have exposed over 11,000 individuals revealing sensitive information
  • The DHS notified lawmakers that an email account had been compromised by a hacker logging into a staff email account
  • It is unknown how much information was compromised but money transfers were requested by the hacker
Read More

 
Minnesota Department of Human Services

Breach Type - Phishing, Data Breach

Twin Cities

  • A Phishing Scheme compromised more than 3,000 people’s data
  • An account was hacked and spoofed emails were sent in September 2018
  • IT began to apprehend the attack a day after it happened
Read More

 
Social Services Department, Ramsey County

Breach Type - Phishing, Data Breach

The Lancaster News

  • Personal information of hundreds of Ramsey County Social Services clients potentially compromised
  • Hackers gained access to the email accounts of dozens of county employees
  • Data Security firm investigated breach and notified county in October
Read More

 
Minnesota Department of Human Services

Breach Type - Phishing, Data Breach

KSTP

  • Two employee email accounts compromised in phishing scheme
  • Hackers exploited emails to send out spam emails
  • Email accounts contained private data of DHS clients, potentially exposed in data breach
Read More

 
City of Albert Lea, Freeborn County

Breach Type - Phishing, Data Breach

ABC 6 News

  • City notified by FBI of hacking incident
  • Phishing email infiltrated City of Albert Lea
  • W-2 forms sent to hackers
  • 330 current and former employees potentially affected
Read More

 
Ramsey County

Breach Type - Phishing, Other

Hacker Combat

  • Ramsey County detected suspicious activity within the network
  • Implemented security measures for all employee accounts
  • Email cyber attack compromised 30 employee email accounts of 4,000 targeted employees
Read More

 
Hennepin County Government Employees, Hennepin County

Breach Type - Phishing, Data Breach

Star Tribune

  • 20 Hennepin County employees fall victim to phishing scheme
  • Phishing e-mails disguised as pay-raise notifications
  • County customer data potentially exposed
  • Hennepin County consists of 9,500 employees, blocking spam emails every quarter
Read More

 
Becker County

Breach Type - Ransomware

Echo Press

  • Virus took down website, disabled printers, was slowly corrupting IT networks
  • County has uncontaminated server, where files were backed up the night before the attack
  • Board members being advised against opening files from Becker County to avoid further contamination
  • Email systems also hacked, hackers sending out insulting emails on behalf of county
Read More

 
Sterns County

Breach Type - Hack

USA Today

  • Part of Islamic Union test hacks of government websites
  • Hackers claim they were testing government websites, not attacking
  • Sterns county does not know cause of the hack
Read More

 
Minnesota State Government Database

Breach Type - Hacking, Data Breach

FOX 9

  • Minnesota State Government Database hacked by activist protecting fatal shooting of Philando Castile
  • Hacker allegedly stole a list of 1,400 email addresses and passwords
  • Hacker claimed they could impersonate Minnesota government officials or state employees with the information obtained
Read More

 
Crow Wing County Board

Breach Type - Ransomware

Brainerd Dispatch

  • Well timed file backup saved county from paying ransom
  • Backup server unaffected by ransomware attack
  • County is working on ways to improve firewall
Read More

 
City of Wadena

Breach Type - Ransomware

Wadena Pioneer Journal

  • Virus hits city hall computers
  • Caused several files to be lost
  • Virus turned out to be ransomware, locking multiple files
  • No data breach of private information has been found
Read More

 
Prior Lake City Hall

Breach Type - Hack

Prior Lake American

  • Computer virus struck HVAC system
  • No evidence of data breach of personal information
  • Cost the city between $10,000 & $15,000 to fix issues
  • Majority of the computers were cleaned, some files lost
  • Virus mimicked ransomware, Cryptolocker, but lacked similar characteristics
Read More

 
BACK TO TOP

Medical

Bayview Dental, Chisago County

Breach Type – Hacking, Data Breach

Data Breaches

  • Bayview was subject to a cyber attack potentially exposing private sensitive information
  • As investigations are going on in a precautionary effort Bayview dental had gave notice to potentially exposed customers
  • 12 months of credit monitoring had been offered for those affected by this attack
Read More

 
Riverplace Counseling Center, Anoka County

Breach Type - Unknown, Malware

Data Breaches

  • The center had noticed that they were a victim of an attack on January 20th
  • A Technology firm had come to the aid of the Counseling center to remove malware and restore the systems to the backups
  • It could not be verified if patient information had been exposed due to the attack
Read More

 
Reproductive Medicine and Infertility Associates, Washington County

Breach Type - Malware

Twin Cities

  • Clinic was target of malware attack with unknown source
  • Sensitive personal information has been exposed
  • Forensic experts offered no answers on origin of attack
Read More

 
Associates in Psychiatry and Psychology, Olmsted Co.

Breach Type - Ransomware

DataBreaches

  • Ransomware attack encrypted practice files in late March
  • Ransomware variant known as "TripleM"
  • Hackers demanded 4 Bitcoin as ransom from practice
  • Practice negotiated down to .5 Bitcoin & paid hackers to decrypt files
Read More

 
Edina Fertility Clinic

Breach Type - Ransomware

Minnesota CBS Local

  • Patients potentially affected in ransomware attack
  • Hackers could have accessed private information when installing malware
  • Edina notified patients of data security incident
Read More

 
Blaine Chiropractic Center

Breach Type - Phishing

Data Breaches

  • Hacker installs malware using a hidden administrator account
  • The hidden account was created by a third-party software vendor
  • It is not known if sensitive patient information was exposed/misused
  • Blaine Chiropractic offering credit monitoring to those potentially impacted
Read More

 
BACK TO TOP

Education

Blue Earth Area Senior High School, Faribault County

Breach Type – Hacking, Other

Data Breaches

  • Area school hit with cyberattack, school forced to replace computers
  • Bad actors destroyed computer controls for gymnasium humidity
  • In addition to computers, school likely will be forced to replace gym floor
Read More

 
Park Rapids Area Schools, Hubbard County

Breach Type - Unknown, Ransomware

Park Rapids Enterprise

  • Park Rapids Schools victim of virus attack
  • Network administrator worked to rebuild server files from backups
  • Data restored from backups, no data lost
Read More

 
Cloquet School District, Carlton County

Breach Type - Ransomware

Pine Journal

  • Cloquet School District targeted in ransomware attack
  • Virus encrypted files on all servers, including network shared drives
  • No data exfiltrated by hackers
  • District will use cyber insurance to cover the costs
Read More

 
Proctor Schools

Breach Type - Hack

Duluth News Tribune

  • Employee opened malicious phishing email which launched ransomware on Proctor school system
  • Student data and payroll information unaffected in attack
  • District will not pay ransom
  • Hiring cyber forensic data company to combat hacker
Read More

 
Bloomington School

Breach Type - Phishing

MPR News

  • Bloomington employee falls victim to W-2 spear phishing scheme
  • Employees' personal and financial information at risk
  • Breach affected several thousand employees
  • School District offering one year of identity protection to those potentially affected
Read More

 
BACK TO TOP