US EditionReport: Nevada didn’t pay ransom in statewide cyberattack, spent $1.5M on response - The Nevada Independent
Nevada restored 90% of compromised data within 28 days through employee overtime and vendor support, avoiding ransom payment and minimizing service disruptions.
- Wednesday, Nov. 5, 2025, Nevada completed full restoration of statewide services in 28 days after the August outages, with the Governor's Technology Office saying the state refused to pay the ransom demanded by the attacker.
- On May 14, a state employee unknowingly downloaded a malware-laced system administration tool that installed a hidden backdoor, and investigators detected the breach on Aug. 24 after backups were deleted and ransomware deployed.
- Investigators determined attackers accessed 26,408 files and exposed 3,241 across multiple systems, breaching the password vault server and retrieving credentials from 26 accounts.
- The response incurred costs including 4,212 overtime hours by 50 state employees, about $211,000, and $1,314,200 paid to specialized partners, disrupting Nevada services.
- Officials are seeking legislative support to fund a centralized Security Operations Center and deploy unified endpoint detection and response, calling cybersecurity a continuous journey, not a one-time achievement.
14 Articles
14 Articles
Associated Press News
Nevada ransomware attack started months before it was discovered, per report
A state report released Wednesday finds that the cyberattack that shuttered Nevada services for weeks cost at least $1.5 million, though it was paid with insurance.
State says no ransom paid in cyber attack
(Photo Bill Hinton/Getty Images)The perpetrator of the cyber attack on state of Nevada systems demanded a ransom “in an attempt to extort the state,” but no ransom was paid, according to an “after-action” report released by the state Wednesday. The report does not indicate the size of the ransom asked, nor whether an attacker has been identified. Officials in the governor’s office did not respond to requests for comment Wednesday afternoon. Abou…
Hackers entered system 3 months before Nevada cyberattack, report says
The “threat actor” who conducted a ransomware attack on the state of Nevada was in the government’s computer systems as early as three months before, the state revealed in an after-action report released Wednesday.
Errant click by state worker triggered Nevada cyberattack in August
A state employee downloading software infested with malware led to the cyberattack that took down state-related websites and shuttered the Nevada Department of Motor Vehicles in August, according to a report released Wednesday ...
Coverage Details
Bias Distribution
- 61% of the sources lean Left
Factuality
To view factuality data please Upgrade to Premium
