A targeted cyberattack disrupted critical state services across Nevada for over nine days, crippling operations at the DMV, Department of Health and Human Services, Nevada State Police, and welfare offices. The outage forced DMV locations to close in-person services, halting new ID issuance, driver’s licenses, and other essential transactions. While limited online services (e.g., registration renewals, Turbo Titles) were restored, backlogs persisted, delaying appointments and leaving residents like driving school students unable to obtain licenses for 30+ days. Welfare offices reverted to paper applications, and law enforcement agencies (e.g., Nye County Sheriff) faced delays in processing CCW permits and fingerprinting. As of the report, 10 state websites and their sub-services remained offline, with no clear timeline for full recovery. The attack’s scale—disabling nearly an entire state government—marks a rare and severe incident, raising concerns about data security (e.g., personal information exposure) and prolonged operational paralysis. Officials acknowledged slow progress in restoring systems, leaving thousands of residents stranded without access to vital services.

The State of Nevada experienced a ransomware attack in August, which knocked several state websites offline and disrupted digital services. The attack, detected on August 24, triggered a 300% surge in cyberattack attempts (150 million hits in 72 hours), primarily through phishing attempts targeting employee credentials after a statewide password reset. While 90% of public-facing services (including DMV operations) were restored, critical systems like the sex offender registry and FBI background check system for gun dealers remained offline. State officials confirmed data theft, though no personally identifiable information (PII) of residents was compromised. Affected data included state processes, inventory, and databases, with no financial or resident PII exposure reported. The attack prompted enhanced security measures, such as stricter password policies and expanded multi-factor authentication (MFA). The recovery prioritized public safety systems, but the full extent of the breach and attacker identity remain undisclosed due to an ongoing federal investigation.

The Nevada GTO suffered a ransomware attack initiated on May 14 via a malicious fake system administration tool downloaded by an employee from a spoofed website, with paid ads boosting its visibility (SEO poisoning). The attack disrupted state systems on August 24, forcing a 28-day recovery and network shutdowns across 60 state offices, including critical agencies like the Nevada Health Authority (reverting to paper processes) and the Department of Motor Vehicles (canceling appointments, halting online communications with auto dealers, and waiving late fees). While 90% of encrypted data was recovered, backup data was deleted, extending downtime. 26 user accounts (including administrative) were compromised, and a backdoor persisted post-removal. Overtime costs reached 4,212 hours, with $7M in cyber insurance partially offsetting losses. Services like SNAP, TANF, and WIC continued via workarounds, but state employees/retirees were paid on time. No ransom was paid, and exfiltration remains unconfirmed but under monitoring. The attack exposed gaps in endpoint detection and prompted reviews for a state SOC (Security Operations Center) and additional grant-funded security tools.

In August 2023, the State Government of Nevada suffered a large-scale ransomware attack that crippled operations across 60 state agencies, including critical sectors like health, public safety, and governmental services. The attack encrypted key systems, leading to denial or delays in citizen services, suspension of medical and criminal record platforms, and disrupted inter-agency communications. While no ransom was paid, the recovery spanned nearly a year, requiring system isolation, forensic analysis, secure backup restoration, and network segmentation. The incident forced a statewide overhaul of cybersecurity, including Zero Trust adoption, MFA enforcement, SIEM deployment, and cloud-based disaster recovery. Services like emergency response, healthcare data access, and administrative functions were severely impacted, with some sectors requiring redundant cloud mirroring to prevent future outages. The attack highlighted vulnerabilities in public sector infrastructure, prompting long-term reforms to enhance resilience against ransomware threats.

The State of Nevada suffered a prolonged ransomware attack initiated in May 2023 when an employee unknowingly downloaded malware disguised as an IT administration tool. The breach escalated by August, disrupting critical government services for nearly a month. Key impacts included: - Service outages: Residents couldn’t obtain driver’s licenses, employers faced delays in background checks, and state workers were placed on paid leave. - Financial cost: Recovery expenses reached $1.5 million ($211K in overtime, $1.3M for contractors, covered by cyber insurance), with additional economic losses from prolonged downtime. - Data risk: Attackers accessed a password vault and exfiltrated a zip file containing personal data of at least one former employee, though no evidence confirmed public exposure. The attack exploited Nevada’s decentralized cybersecurity infrastructure, spreading rapidly. - Operational strain: The state avoided paying ransom but required 4,212 overtime hours and external cybersecurity support (Mandiant) to contain the breach. Investigations remain ongoing, with the attacker unidentified. - Broader context: The incident aligns with a rising trend of state-level ransomware attacks, including similar disruptions in Georgia (Fulton County), Rhode Island (health data leaks), and Baltimore (911 system outages).