Howells has assembled a world-class team to help him find—and possibly recover—the digital treasure. DriveSavers was chosen as the data recovery partner to take on this once-in-a-generation challenge.
ドライブセイバーズ社のサイバー専門家、KMOJラジオでセントポールのサイバー事件について語る
ドライブセイバーズ社のサイバー専門家、KMOJラジオでセントポールのサイバー事件について語る
DriveSavers Data Recovery’s Head of Cyber Recovery Services, Andy Maus, joined KMOJ Radio’s Freddie Bell to share expert insights on the recent cyber incident that affected St. Paul, Minnesota and neighboring North St. Paul, offering his expert insights on the situation.
At the time of the interview, the City of St. Paul had not yet disclosed the nature of the digital security incident. Since then, city officials have confirmed it was a ransomware attack.
Listen to the full interview here:
Summary of the Interview
Andy Maus, DriveSavers Data Recovery’s Head of Cyber Recovery Services, began the conversation with Freddie Bell of KMOJ Radio, by explaining the difference between the broad term “digital security incident” and a ransomware attack. During the interview, the city government had not yet disclosed the specific nature of the compromise, so Andy outlined a range of possible scenarios — from phishing and denial-of-service to supply chain compromises and ransomware. He emphasized that such terminology allows city leaders to share what they know without speculating before facts are verified.
He described the complexity of diagnosing an incident across a large municipality. St. Paul employs more than 3,000 people across multiple departments, many of which rely on interconnected — but separately secured — systems. Determining the scope and impact takes time, and announcements may be delayed until teams confirm exactly which systems are affected.
Andy also praised the mayor’s office for transparent communication and noted that city leadership reassured residents that emergency services and public utilities remained operational. While certain online payment portals were temporarily suspended, these actions were taken as a precaution to ensure public safety and system integrity.
Andy shared that between 35 and 45% of ransomware attacks are on municipalities, and explained how threat actors often infiltrate systems quietly, identify valuable data, and then demand payment to restore access or prevent its release. This sequence of events aligns with patterns seen in many other municipal ransomware cases — and is now confirmed to be the case in St. Paul.
Finally, Andy closed with practical advice for residents and organizations: back up your devices, keep security software updated, enable multi-factor authentication, and allow trained professionals to handle investigation and recovery. He also recommended that organizations identify a trusted data recovery provider in advance, so they can be quickly engaged as part of a broader incident response plan when needed.
Key Takeaways
The term “digital security incident” allows officials to communicate responsibly during an ongoing investigation.
Transparent leadership helps maintain public trust during uncertainty.
Quick containment and system isolation are critical to protecting essential services.
Preparedness matters: having backups, security tools, a trusted recovery partner, and a clear incident response plan can limit damage.
関連記事
English (United States) 
English (Australia) 
French (France) 
English (UK) 
French (Canada) 
English (Canada) 
Spanish 
Japanese