Cyberattack that crippled Nevada's systems reveals vulnerability of smaller agencies
- - Cyberattack that crippled Nevada's systems reveals vulnerability of smaller agencies
Andres GutierrezAugust 27, 2025 at 9:29 PM
CBS News
Las Vegas — Nevada officials revealed Wednesday that personal information may have been compromised in what was described as a "sophisticated ransomware-based cybersecurity attack" that occurred Sunday in which hackers infiltrated government networkers and disrupted essential services statewide.
Nevada Gov. Joe Lombardo had initially said Monday there were no signs personal data was stolen. However, in a news conference Wednesday, Tim Galluzi, Nevada's state chief information officer, indicated that personal information may have been taken.
"I must disclose that our ongoing forensic investigation has found evidence that indicates some data has been exfiltrated, or moved outside the state network, by the malicious actors," Galluzi told reporters. "...At this stage we cannot yet identify or classify the specific nature of this data."
Several state services were brought to a standstill by the cyberattack. Many people showed up at DMV offices across the state for their appointments this week only to learn the agency is closed. State DMV offices were still closed as of Wednesday.
"We want to remind our citizens that this statewide outage is impacting almost every state agency's operations, and connectivity to impact safety and the health and human services fields needs to take priority over DMV services," Tonya Laney, director of the Nevada DMV, said at the news conference.
The outage also prevented law enforcement from accessing state DMV records. For a good part of Sunday, the dispatch phone lines for Nevada State Police were down. Emergency and essential operations, such as 911 services, were still available.
Lombardo had announced Monday that all state offices were closed to in-person services until further notice. The breach impacted state systems only, Lombardo said. The attack is under investigation.
Galluzi said "bringing systems back online is a meticulous process" and they "must ensure that threat has been fully eradicated before we reconnect them."
Cybersecurity experts, meanwhile, say local governments are prime targets for cyberattacks. "Now they're hitting government, like the small, not big federal, but state and local community," Greg Moody, professor of information systems at the University of Nevada, Las Vegas, told CBS News. "And so that's been the trend for the past 12 to 18 months."
An analysis from the software company Comparitech counts 525 ransomware attacks on U.S. government entities since 2018, with an estimated $1.09 billion lost to downtime as a result of those attacks.
Last month, a cyberattack in St. Paul, Minnesota, forced the city to shut parts of its network. Public WiFi and some library services went offline. Minnesota Gov. Tim Walz activated the National Guard's cyber unit to help restore systems.
Last year, Fulton County, Georgia, home to Atlanta, spent weeks restoring courts and phones after a ransomware strike. The county refused to pay.
And in the fall of 2023, an Iran-linked group breached a piece of computer technology in Aliquippa, Pennsylvania, that monitors water pressure. There was no contamination, but it served as a warning shot to critical infrastructure.
"The most likely lessons learned should be reach out to your other state counterparts and share information so other states, other cities, can learn from it and just put their defenses up in advance," Moody said. "So the same attack doesn't work against them."
Minneapolis Catholic school shooter identified
Extreme weather slams the West with dust storms and wildfires
Cracker Barrel scrapping new logo, returning to old one after backlash
Source: “AOL AOL General News”
