Nevada state government crippled by ongoing “network security incident”

The Nevada state government is scrambling to restore services after an apparent cyberattack has forced the municipality to close all state offices until further notice, starting on Monday.

“The State of Nevada identified a network security incident and immediately engaged in 24/7 recovery efforts. The matter is under active investigation,” Governor Joe Lombardo’s office said in a press release posted on X.

The crippling cyber incident, which began early Sunday morning (August 24th), has forced the Governor's Technology Office (GTO) to implement “temporary routing and operational workarounds to maintain public access where it is feasible.”

According to the release, only “certain technology systems” have been impacted, and “some state websites or phone lines may be slow or briefly unavailable during recovery.”

Cybernews can confirm the main “nv.gov” website was not loading as of Tuesday afternoon.

The governor's office stressed that all emergency call-taking (including 911) and essential services remain available statewide, and that the GTO is focused on "restoring services safely and validating systems before returning to normal operations."

Personal data of over 3 million residents potentially impacted

Headquartered in the state capital of Carson City, Nevada’s government offices serve more than 3.2 million residents as of last year, including in Las Vegas, the state’s largest city with a population of about 640,000.

In fact, Nevada was reported as the sixth fastest growing state nationwide in 2024, according to the local Reno Gazette Journal, and locals there have even floated the idea of relocating the nation’s Cybersecurity and Infrastructure Security Agency (CISA) to the Silver State just last week.

CISA said on Tuesday that it was "actively tracking this network security incident, and together with our partners, we are collaborating with the State of Nevada to offer our assistance."

In the meantime, Gov. Lombardo’s office is now warning residents to be on the lookout for "unsolicited calls, emails, or texts asking for personal information or payments," leading Cybernews to believe a ransomware attack may be in play.

Although officials say there is no evidence that any personally identifiable information (PII) has been compromised, in a typical ransomware attack, the hackers will hold onto sensitive data and use it as leverage for a ransom payment.

If an organization chooses not to pay, oftentimes the threat actor will leak the data on the dark web or sell it to the highest bidder, which could leave many residents at risk of targeted phishing attacks or identity theft.

“The State will not ask for your password or bank details by phone or email. As official state websites return online, verify information,” government officials said.

Mixed messages

However, not all Nevadans were even aware of the ongoing disruption.

“It hasn't affected us in any way at all. It probably wouldn't, except for the DMV if we had anything to do there,” Clark County resident Diane Makar Murphy told Cybernews on Tuesday.

“They're saying that you can walk into the office even though the computer system isn't working. We didn't even know what had happened,” Murphy said.

Still, Murphy told us one woman she ran into "was so stressed out she was almost in tears talking about it."

The woman, Melody Jensen, had told Murphy she was having trouble getting tags for her car as all the kiosks were down. Jensen then explained that “Welfare, food stamps, the DMV, and all those little offices around town, it's affecting them too."

Meantime, there also seems to be some confusion among the state’s government offices as to the severity of the situation, as one Nevadan points out on X.

“There is differing information on all local news organizations - are State offices fully closed or no?” the user posted.

On Monday, the Nevada Attorney General’s office posted a notice on X explaining that all government offices would be closed “due to ‘significant state network degradation affecting the ability to conduct normal business.'"

“We anticipate resuming normal business tomorrow,” the AG’s office stated. As of Tuesday, the AG’s website was also down.

There is differing information on all local news organizations - are State offices fully closed or no? Can't access your website, and this is the AG's post:https://t.co/jeSWTjdPOs

undefined Betharooo (@beffarooo) August 25, 2025

The State says agencies will announce when counters reopen and any alternative options. Furthermore, residents will be alerted by the State if investigators determine their personal information was exposed.

Government agencies are favored target for ransomware gangs

Various state and city municipalities have been a target of ransomware groups in the past several years, leaving many governments, which traditionally have limited cybersecurity budgets, on life support for weeks on end.

Earlier this month, the Twin City of St. Paul, Minnesota, was devastated when the Interlock ransomware group infiltrated its government systems, resulting in the St. Paul City Council declaring a 90-day State of Emergency while it struggles to restore services.

In July, the Russia-linked INC Ransom gang hit the small city of Thomasville, North Carolina, threatening to leak 260 gigabytes of data it stole from municipal systems.

Not to be outdone, the government of Peru also fell victim to ransomware in May, courtesy of the Rhysida gang.

Other major metropolitan cities that have fallen victim to ransomware attacks include the City of Montreal North, the City of Dallas, Texas, and the Cities of Oakland and Modesto, California.