State of Minnesota Company Cyber Security Posture
mn.govMinnesota State Government is the third largest employer in the state of Minnesota, employing over 50,000 diverse and talented employees in more than 100 state agencies, boards, commissions, colleges, and universities. Our workplaces can be found across the state in 86 out of 87 Minnesota counties and a small share of employees work in out-of-state locations. When you bring your career to the State of Minnesota, the work you do affects the quality of life of millions of Minnesotans. From those who shape policy, to those who keep us safe, preserve our environment, or take care of our most vulnerable populations, we take our responsibilities to the public seriously. Join us as we continue to serve our great state and build a better Minnesota. To learn more about our career opportunities and comprehensive benefits, visit www.mn.gov/careers. To learn more about our state agencies, boards, commissions, colleges, and universities, visit http://mn.gov/portal/government/state/agencies-boards-commissions.
SM Company Details
state-of-minnesota
57463 employees
77257.0
922
Government Administration
mn.gov
Scan still pending
STA_5135715
In-progress
SM Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
SM Global Score.png)
State of Minnesota Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
State of Minnesota Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Minnesota Department of Human Services | Breach | 85 | 4 | 03/2018 | MIN21149222 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured. | |||||||
| University of Minnesota | Breach | 100 | 5 | 07/2021 | UNI84623823 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach. | |||||||
| Minnesota Department of Human Services | Data Leak | 60 | 4 | 11/2022 | MIN164122123 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity. DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff. | |||||||
State of Minnesota Company Subsidiaries
Minnesota State Government is the third largest employer in the state of Minnesota, employing over 50,000 diverse and talented employees in more than 100 state agencies, boards, commissions, colleges, and universities. Our workplaces can be found across the state in 86 out of 87 Minnesota counties and a small share of employees work in out-of-state locations. When you bring your career to the State of Minnesota, the work you do affects the quality of life of millions of Minnesotans. From those who shape policy, to those who keep us safe, preserve our environment, or take care of our most vulnerable populations, we take our responsibilities to the public seriously. Join us as we continue to serve our great state and build a better Minnesota. To learn more about our career opportunities and comprehensive benefits, visit www.mn.gov/careers. To learn more about our state agencies, boards, commissions, colleges, and universities, visit http://mn.gov/portal/government/state/agencies-boards-commissions.
Access Data Using Our API
Get company history
Rapid.png)
SM Cyber Security News
Local governments seek funds for cybersecurity amid rising threats
Target and UnitedHealthcare spend untold amounts of money to prevent their information technology systems from a breach.
State and Local Cybersecurity Grant Bill Considered in House and Senate Committees
The League of Minnesota Cities testified in support of the bills, emphasizing the urgent need for cybersecurity resources, particularly forย ...
Federal cyber funding cuts could expose Minnesota, IT head warns
Minnesota's top IT official is warning that a prolonged pause or cancellation of federal cybersecurity funding could leave counties,ย ...
Minnesota schools must report cybersecurity incidents under new law
The information will be anonymized and shared with โappropriate organizationsโ to help officials understand how to provide support.
Malware Reports Skyrocket Under Minnesota Cyber Changes
Minnesota adopted new cyber tools and mandated that all public agencies must report incidents within 24-72 hours. Early data reveals aย ...
FBI investigating Minnesota cybersecurity expert over concerns about his background, Hennepin Co. att'y says
Mark Lanterman, the Chief Technology Officer at Computer Forensic Services, is being accused by Wisconsin attorney Sean Harrington of inflatingย ...
St. Cloud State University students take down hackers, get first place at competition
St. Cloud State University offers a bachelor's degree and minor in cybersecurity, according to its website. The cybersecurity industry isย ...
Minnesotaโs expanded anti-fraud efforts include AI pilot project
Minnesota Gov. Tim Walz announced several additions to the state's efforts to crack down on fraud against government assistance programs.
Senator Melissa H. Wiklund Presents Bill to Fund Local Government Cybersecurity Efforts
ST. PAUL, Minn. โ Today, the Minnesota Senate State and Local Government Committee heard Senate File 379, authored by Senator Melissa H.
SM Similar Companies
Salford City Council
Salford City Council exists to serve its residents and provides a complete and comprehensive range of services and facilities. The council's mission statement is "to create the best possible quality of life for the people of Salford." Salford is a city constantly changing and moving into an exciti
U.S. Department of Veterans Affairs
Welcome to the United States Department of Veterans Affairs (VA) Official LinkedIn page. We're recruiting the finest employees to care for our #Veterans. Following/engagement โ signify VA endorsement. This is a moderated page, meaning that all comments will be reviewed for appropriate content. Ple
U.S. Census Bureau
The Census Bureau serves as the nationโs leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statis
United States Postal Service
As the United States Postal Service continues its evolution as a forward-thinking, fast-acting company capable of providing quality products and services for its customers, it continues to remember and celebrate its roots as the first national network of communications that literally bound a nation
City of Amsterdam
Working for Amsterdam means working for the most beautiful city in the world. Think of its rich history, the role Amsterdam plays internationally, and events such as Sail, Gay Pride and Kingโรรดs Day. Of course everybody wants to visit Amsterdam, or work or live here. As you can probably imagine, wo
ANEP
La Administraciรณn Nacional de Educaciรณn Pรบblica (ANEP) es el organismo estatal responsable de la planificaciรณn, gestiรณn y administraciรณn del sistema educativo pรบblico en sus niveles de educaciรณn inicial, primaria, media, tรฉcnica y formaciรณn en educaciรณn terciaria en todo el territorio uruguayo (Ley
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SM CyberSecurity History Information
How many cyber incidents has SM faced?
Total Incidents: According to Rankiteo, SM has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at SM?
Incident Types: The types of cybersecurity incidents that have occurred incidents Data Leak and Breach.
How does SM detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through third party assistance with Outside forensics specialists and law enforcement notified with True and communication strategy with Providing options to prevent exploitation of personal information and alerting impacted individuals and remediation measures with Implemented new procedures to address the error, Communicated procedure changes to staff and containment measures with Secured Servers.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware on July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
Incident : Data Breach
Title: Minnesota DHS Data Breach
Description: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity.
Type: Data Breach
Attack Vector: Human Error
Vulnerability Exploited: Human Error
Incident : Data Breach
Title: Minnesota Department of Human Services Data Breach
Description: Minnesota Department of Human Services suffered a data breach through an employeeโs e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.
Type: Data Breach
Attack Vector: Email Compromise
Vulnerability Exploited: Compromised Email Account
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Email Account.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach MIN164122123
Data Compromised: first and last names, addresses, DHS-generated billing account numbers, parental fee account activity
Incident : Data Breach MIN21149222
Data Compromised: Personal Information
Systems Affected: Email Servers
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Account Information and Personal Information.
Which entities were affected by each incident?
Incident : Data Breach UNI84623823
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA
Incident : Data Breach MIN164122123
Entity Type: Government Agency
Industry: Public Sector
Location: Minnesota, USA
Customers Affected: 4307
Incident : Data Breach MIN21149222
Entity Type: Government Agency
Industry: Public Administration
Location: Minnesota, USA
Customers Affected: 11000
Response to the Incidents
What measures were taken in response to each incident?
Incident : Data Breach UNI84623823
Third Party Assistance: Outside forensics specialists
Law Enforcement Notified: True
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals
Incident : Data Breach MIN164122123
Remediation Measures: Implemented new procedures to address the error, Communicated procedure changes to staff
Incident : Data Breach MIN21149222
Containment Measures: Secured Servers
How does the company involve third-party assistance in incident response?
Third-Party Assistance: The company involves third-party assistance in incident response through Outside forensics specialists.
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach MIN164122123
Type of Data Compromised: Personal Information, Account Information
Number of Records Exposed: 4307
Sensitivity of Data: Medium
Personally Identifiable Information: first and last names, addresses
Incident : Data Breach MIN21149222
Type of Data Compromised: Personal Information
Number of Records Exposed: 11000
Personally Identifiable Information: True
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented new procedures to address the error, Communicated procedure changes to staff.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through was Secured Servers.
References
Where can I find more information about each incident?
Incident : Data Breach UNI84623823
Source: University of Minnesota
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: University of Minnesota.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Data Breach UNI84623823
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Providing options to prevent exploitation of personal information and alerting impacted individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach MIN21149222
Entry Point: Compromised Email Account
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Data Breach MIN164122123
Root Causes: Human Error
Corrective Actions: Implemented new procedures to address the error, Communicated procedure changes to staff
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside forensics specialists.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Implemented new procedures to address the error, Communicated procedure changes to staff.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Email Servers.
Response to the Incidents
What third-party assistance was involved in the most recent incident?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Outside forensics specialists.
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured Servers.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were first and last names, addresses, DHS-generated billing account numbers, parental fee account activity and Personal Information.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 547.0.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is University of Minnesota.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Compromised Email Account.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
