Google Docs phishing email 'cost Minnesota $90,000'

A phishing email that targeted Gmail users is estimated to have cost the state of Minnesota $90,000 (£69,400).

About 2,500 state employees received the email, according to the state chief information security officer.

Around the world, people have reported receiving multiple copies of the email, while others have received the message from trusted organisations.

One million Gmail users, which Google says is "less than 0.1%", were affected.

The cost to the Minnesota state government was mostly the result of employees dealing with the attack instead of doing their normal jobs, said state chief information security officer Christopher Buse.

"I evaluated three minutes of time for each representative… it might be considerably more than that much of the time," he told ABC News.

"It's critical for individuals to comprehend that the assaults are going on as well as to see how expensive they are."

Mr Buse said that the cost could have been much higher, but Minnesota state government agencies for the most part did not use Gmail or Google Docs.

"The vast majority of these tricks are done utilizing Office archives like Word and Excel spreadsheets", Ken Munro, of Pen Test Partners, told the BBC.

"Be that as it may, a great deal of enormous organizations have moved far from customary office programming bundles, and an expanding number are moving towards utilizing Google."

Other users affected

Besides the Minnesota state government, many Gmail users were affected.

Jacquelyn Piette, who is studying for an MBA at Boston College, tweeted that she had just received a warning about the phishing scam when the message arrived in her inbox.

Users who received the email were told a contact of theirs had shared a document with them on Google Docs.

If they clicked on the "Open in Docs" button, they were taken to a genuine Google page that required them to sign in with their account credentials.

Once signed in, a service called "Google Apps" would ask them for permission to access their email account data.

By agreeing to share their data, users were potentially giving the hackers access to their email account, contacts and online documents.

The malware used this access to send copies of the phishing email to everyone in the recipient's contact list.

"As organizations improve at security, con artists will begin searching for associations between individual email records and expert records, which may avoid a portion of the organization's security," Mr Munro said.

He said that introducing "layers of detachment", such as not checking personal email on the office PC, could help prevent such phishing campaigns from spreading.

"Organizations could state they won't not need you to check individual email on your work PC, however they don't worry about you checking it on your versatile."

[Image: tweet from a Google Docs phishing recipient]

Google said it had stopped the attack "within approximately one hour" and fewer than 0.1% of its users had been affected - about one million people.
Those who did click on the link have been advised to log into their accounts and revoke access to Google Apps, then change their password.
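
The revocation advice above depends on knowing which granted apps are impostors. The following added example, which is not part of the original article, reviews a list of OAuth grants and flags unverified apps that use a Google-sounding name while holding mail or contacts access; the grant records, client IDs and allowlist are constructed assumptions.

```python
# Added example: review OAuth grants for consent-phishing signals.
# Every record, client ID and the allowlist below is constructed for illustration.

SENSITIVE_SCOPES = {
    "https://mail.google.com/",                  # full mailbox access
    "https://www.googleapis.com/auth/contacts",  # contact list access
}
BRAND_WORDS = ("google", "gmail", "docs")
# Hypothetical allowlist: client IDs the organisation has verified itself.
VERIFIED_CLIENT_IDS = {"verified-first-party.example"}

def review_grant(grant):
    """Return the reasons a single grant looks like consent phishing."""
    if grant["client_id"] in VERIFIED_CLIENT_IDS:
        return []
    reasons = []
    name = grant["app_name"].lower()
    if any(word in name for word in BRAND_WORDS):
        reasons.append("trusted brand name on unverified client")
    if SENSITIVE_SCOPES & set(grant["scopes"]):
        reasons.append("unverified client holds mail or contacts scope")
    return reasons

def grants_to_revoke(grants):
    """(user, app) pairs where both signals fire: impersonation plus sensitive access."""
    return sorted((g["user"], g["app_name"]) for g in grants
                  if len(review_grant(g)) == 2)

# Constructed sample grants (not real audit data).
GRANTS = [
    {"user": "alice@example.org", "app_name": "Google Apps",
     "client_id": "unknown-client-1.example",
     "scopes": ["https://mail.google.com/",
                "https://www.googleapis.com/auth/contacts"]},
    {"user": "bob@example.org", "app_name": "Google Docs",
     "client_id": "verified-first-party.example",
     "scopes": ["https://www.googleapis.com/auth/drive"]},
    {"user": "carol@example.org", "app_name": "Mail Merge Tool",
     "client_id": "unknown-client-2.example",
     "scopes": ["https://mail.google.com/"]},
]

if __name__ == "__main__":
    for user, app in grants_to_revoke(GRANTS):
        print(f"revoke {app!r} for {user}, then change the password")
```

A grant that trips only one signal, like the constructed "Mail Merge Tool" record, is left for manual review instead of automatic revocation.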
