Cyber Incident Victim: Minnesota State Government

On June 16, 2017, a Minnesota jury acquitted the police officer involved in the fatal shooting of Philando Castile during a 2016 traffic stop, sparking widespread public protests. In response to the verdict, an individual using the alias "Vigilance" infiltrated Minnesota government databases hosted on the server admin.state.mn.us around June 18, 2017, describing the intrusion as an act of protest against perceived injustice. The hacker exfiltrated approximately 1,400 email addresses and corresponding password hashes from systems connected to mn.state.us and mn.gov domains. The compromised data included contact information for external contractors, credentials for users of a scientific forum maintained by Minnesota IT Services, and administrative accounts belonging to state government IT personnel. Vigilance communicated with Motherboard on June 18, providing stolen data samples and stating the breach targeted systems associated with the state government to highlight institutional failures following Castile's death.

Minnesota IT Services confirmed the security incident on June 20, 2017, initiating a forensic investigation and collaborating with law enforcement to review potential criminal violations. The agency verified the attacker accessed password hashes encrypted with the descrypt algorithm, which remained uncracked according to the hacker's statements at the time of reporting. Motherboard independently validated portions of the leaked information, including private citizen telephone numbers and government employee email addresses that Vigilance subsequently published online. The breach exposed vulnerabilities in systems linking multiple state government domains but did not compromise plaintext credentials due to the hashing implementation. Public disclosure of personal information belonging to contractors and forum users constituted the primary immediate impact beyond the unauthorized database access itself.