In late August 2025, Nevada’s state government faced a significant cyberattack that led to the closure of state offices and disrupted various public services. The incident, identified on Sunday, August 24, prompted immediate action from state officials to mitigate its impact and restore affected systems.
Discovery and Immediate Response
The cyberattack was first detected in the early hours of Sunday, August 24. State authorities quickly acknowledged the situation, referring to it as a network security incident that had compromised multiple state websites and phone lines. Emergency services, including 911 operations, remained functional throughout the disruption, ensuring that critical public safety services were not affected.
In response to the attack, Governor Joe Lombardo’s office issued a statement confirming the nature of the incident and the steps being taken to address it. The Governor’s Technology Office emphasized their collaboration with state, local, and federal partners to restore services securely, prioritizing the most critical components. However, specific technical details were withheld to protect the integrity of the ongoing investigation.
Impact on State Services
The cyberattack had a widespread impact on state operations. Numerous state websites became inaccessible, and phone lines experienced significant disruptions. This led to the closure of state offices on Monday, August 25, and Tuesday, August 26, as employees were placed on administrative leave. Many employees returned to work on Tuesday as IT systems were gradually restored. In-person services were set to resume once agencies ensured their counter systems were fully operational.
The Department of Motor Vehicles (DMV) was among the agencies significantly affected. All DMV offices remained closed until further notice, with all in-person and online transactions, as well as kiosk transactions, being unavailable, except for rapid registration and turbo titles. The DMV website was restored, and all canceled appointments during the outage were to be honored as walk-ins for a two-week period following reopening.
The Nevada Health Authority confirmed that existing Medicaid coverage and provider payments remained fully operational. The outage did not affect existing Medicaid recipients’ ability to access covered medical care, and they could attend all scheduled appointments as usual. For health care providers, claims and payments for services rendered to Medicaid recipients were being processed without delay.
Investigation and Security Measures
A criminal investigation was launched to determine the source and nature of the cyberattack. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) actively monitored the situation and collaborated with Nevada authorities to assist in the response. The FBI also provided support in the investigation. While the exact nature of the attack was not disclosed, the prolonged disruptions suggested it may have involved a ransomware attack, a common tactic where hackers paralyze systems to demand payment.
Authorities confirmed there was no evidence of compromised personal information. However, residents were advised to be cautious of unsolicited calls, emails, or texts asking for personal information or payments, as scammers might try to capitalize on the incident. The state emphasized that it would not ask for passwords or bank details by phone or email.
Broader Implications
This incident adds to a growing list of cyberattacks on public institutions across the United States. In 2020, for example, an attack on Oregon’s Tillamook County took down its computer systems and website. In 2018, a ransomware attack shut down automated 911 dispatching in Baltimore for roughly 17 hours. These events highlight the increasing threat of cyberattacks on public infrastructure and the need for robust cybersecurity measures.
Cyberattacks on state systems can have destabilizing impacts, extending beyond temporary service disruptions. When government services are forced offline, the consequences can include halted economic activity, delayed emergency responses, and compromised citizen safety. The cascading effects mean that even a localized breach can have a ripple effect on national security, economic resilience, and public confidence.
Conclusion
The cyberattack on Nevada’s state systems underscores the critical importance of cybersecurity in maintaining the functionality and security of public services. As the state works diligently to restore affected systems and prevent future incidents, this event serves as a stark reminder of the vulnerabilities inherent in our increasingly digital infrastructure.
