Nevada Governor provides update on state cyberattack; officials outline impact, response, and steps forward
In a coordinated briefing, Nevada Governor Lombardo announced the latest findings in the state’s cyberattack investigation, detailing the scope of affected systems, immediate containment measures, and plans to restore services. State agencies are working around the clock with federal partners to secure networks and protect residents’ data.
What happened and when
Timeline of events: The attack was detected on August 24, with initial containment steps taken within hours. State cybersecurity teams identified anomalous activity across multiple networks and initiated incident response protocols.
Scope of impact: The breach impacted list of affected sectors, e.g., DMV services, unemployment benefits systems, state-trooper communications, certain county networks. Some services were temporarily moved offline or redirected to backup systems.
Rationale for rapid action: Officials say swift disruption of access and network segmentation reduced risk of broader damage and helped preserve evidence for forensic analysis.
How the state is responding
Incident response and forensics: The Nevada Cyber Defense Center, in collaboration with federal partners (e.g., CISA, FBI), is conducting a full forensic analysis to determine attack vectors and mitigate vulnerabilities.
Containment and restoration: A multi-phased plan prioritizes mission-critical services. Agencies are restoring systems from clean backups while implementing enhanced monitoring, multi-factor authentication, and stricter access controls.
Third-party risk management: The state is reviewing third-party vendors and supply chain risk to prevent repeat incidents.
Public-facing steps: Officials urge residents to monitor accounts for suspicious activity, change passwords, and use official channels for essential services. Help lines are available for affected residents.
What residents should know
Service availability: Some services may remain intermittently unavailable during restoration. Check official channels for status updates before attempting transactions.
Data security: There is no current evidence that resident data was exfiltrated, though investigators are treating all data as potentially at risk until confirmed. If your data was involved, you will be notified through official channels.
Protection tips:
Use strong, unique passwords and enable MFA where possible.
Be cautious of phishing attempts pretending to be state agencies.
Regularly review bank and credit activity and report any anomalies.
Statements from officials
Governor Lombardo: “We are treating this with the utmost seriousness and will provide transparent updates as the situation evolves. Our priority is to restore full service securely and protect Nevadan families.”
State CIO/Chief Information Security Officer: “Our teams are working around the clock with federal partners to identify the breach’s root cause and harden defenses.”
What’s next
Timeline for full restoration: Officials estimate phased restoration over the next [timeframe, e.g., 24–72 hours], with ongoing security enhancements beyond that period.
Ongoing investigations: Forensic analysis will continue to determine attackers’ methods and any potential vulnerabilities in state systems.
Policy and investment implications: The attack is likely to prompt reviews of cybersecurity funding, workforce, and incident response protocols.
How to stay informed
Follow updates from:
Official state channels: https://notice.nv.gov/. https://www.oem.nv.gov/recovery
Federal partners: CISA advisories and alerts
Sign up for emergency or cyber incident notifications where available.
Do not share or click suspicious links in emails or texts claiming to be from state agencies.
Quick FAQ
Is my personal data at risk? Officials are assessing exposure; watch official communications for confirmation and next steps.
Can I access essential services? Some services may be temporarily affected during restoration; check official status pages.
What can I do to help? Stay vigilant, update credentials, and report suspicious activity to state helplines.