A large-scale cyberattack paralyzed Nevada’s state systems for over a month, disrupting critical public services. Key impacts included: - DMV closures, preventing vehicle registrations and driver’s license processing. - Background check failures, halting gun sales (affecting local businesses like sporting goods stores) and employment verifications. - Extended service outages, forcing agencies to operate manually or shut down entirely. - Unspecified data exposure risks, with legislators and constituents raising concerns about potential breaches of personal or sensitive government data. - Financial and reputational damage, including $300,000+ in emergency cybersecurity upgrades and unresolved questions about ransom payments or attacker access duration. The attack strained state resources, with IT staff working 18–20 hour days for weeks to restore systems. Investigations remain ongoing, with no public disclosure of the attack vector, compromised departments, or full scope of data loss. The incident prompted urgent investments in a statewide Security Operations Center (SOC) and threat-sharing platforms to prevent future disruptions.
TPRM report: https://www.rankiteo.com/company/state-of-nevada-department-of-administration
"id": "sta3803538101825",
"linkid": "state-of-nevada-department-of-administration",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'customers_affected': 'Residents and businesses '
'relying on state services '
'(e.g., DMV, background checks)',
'industry': 'Public Administration',
'location': 'Nevada, USA',
'name': 'State of Nevada',
'type': 'Government'}],
'customer_advisories': ['Public acknowledgment of service disruptions (e.g., '
'DMV, background checks)'],
'description': 'A cyberattack paralyzed Nevada state systems, taking some '
'services offline for a month. The state approved over '
'$300,000 for two cybersecurity projects: a shared technical '
'threat analysis platform ($150,000) and expansion of a '
'statewide security operations center ($163,700) in '
"collaboration with UNLV. The attack's full scope, including "
'data access, ransom payments, and financial costs, remains '
'undisclosed as the investigation is ongoing. Constituents '
'reported widespread disruptions, including inability to '
'register vehicles, conduct background checks, or secure '
'employment due to system downtime.',
'impact': {'brand_reputation_impact': ['Public distrust in state '
'cybersecurity',
'Legislative scrutiny over '
'transparency'],
'customer_complaints': ['Constituent reports of service '
'disruptions',
'Social media outrage over system '
'downtime'],
'downtime': '1 month (approximate)',
'operational_impact': ['Paralysis of state systems',
'Inability to register vehicles (DMV)',
'Halted background checks (firearms, '
'employment)',
'Disruption of employment verification',
'Public frustration and economic harm to '
'businesses (e.g., gun dealers)'],
'systems_affected': ['State Government Systems',
'DMV Services',
'Background Check Systems',
'Employment Verification Systems']},
'investigation_status': "Ongoing (details undisclosed; 'holistic "
"after-action' report in progress)",
'lessons_learned': ['Need for proactive cybersecurity investments (e.g., '
'threat analysis platforms, SOCs)',
'Importance of public transparency during incidents',
'Value of cross-agency collaboration (e.g., UNLV '
'partnership)',
'Staff resilience and dedication during crises'],
'post_incident_analysis': {'corrective_actions': ['Planned shared threat '
'analysis platform',
'Statewide SOC expansion',
'Policy review (incident '
'response, governance, '
'training) via consultant']},
'recommendations': ['Accelerate implementation of the shared threat analysis '
'platform',
'Finalize statewide SOC feasibility study with UNLV',
"Publish the 'after-action' report to share lessons with "
'other states',
'Develop a long-term strategic cybersecurity plan '
'(addressing Sen. Nguyen’s concerns)',
'Improve public communication protocols for future '
'incidents'],
'references': [{'source': 'Nevada Current'},
{'source': 'Legislature’s Interim Finance Committee Meeting '
'(September 2023, approximate)'}],
'response': {'communication_strategy': ['Legislative briefings (Interim '
'Finance Committee)',
"Planned public 'after-action' report "
'(timeline undisclosed)',
'Acknowledgment of public frustration '
'via social media'],
'enhanced_monitoring': ['Shared threat analysis platform '
'(planned)'],
'incident_response_plan_activated': True,
'recovery_measures': ['System restoration prioritized for '
'critical services (e.g., DMV, background '
'checks)'],
'remediation_measures': ['$150,000 shared technical threat '
'analysis platform',
'$163,700 expansion of statewide '
'security operations center (SOC) with '
'UNLV',
'Staff worked 18–20+ hour days for '
'weeks to restore systems'],
'third_party_assistance': ["Vendor for 'holistic after-action' "
'report',
'UNLV (University of Nevada, Las '
'Vegas) for SOC feasibility study',
'Consultant for top-down security '
'review']},
'stakeholder_advisories': ['Legislators briefed on funding and response '
'efforts',
'Constituent concerns addressed via legislative '
'questions (e.g., Sen. Titus, Assm. Brown-May)'],
'title': 'Nevada State Cyberattack Disrupting Government Services',
'type': ['Cyberattack', 'System Disruption', 'Potential Ransomware']}