A suspected ransomware incident has triggered widespread outages across Nevada’s government offices and online systems.
Nevada’s state government is responding to a widespread “network security incident” that began on Sunday, August 24. In response, the state closed all government offices starting Monday and warned its 3.2 million residents to be cautious of scam messages. The Governor’s Office confirmed emergency services like 911 remain active, but many state websites and phone lines are currently slow or inaccessible.
The incident has been described as a suspected ransomware attack, though officials have not confirmed this. The state's Governor’s Technology Office (GTO) has implemented operational workarounds to maintain some level of public access during recovery efforts.
The attack reportedly affected only “certain technology systems,” but Nevada’s main government website (nv.gov) remained down as of Tuesday. Government services such as the DMV, food assistance, and welfare distribution have been impacted, with residents reporting issues accessing kiosks and in-person services. Some citizens, however, remained unaware of the extent of the disruption due to inconsistent messaging across agencies and news outlets.
While the Governor’s Office says there’s no current evidence of compromised personal data, it has warned residents to stay alert for phishing attempts and avoid giving out personal or financial information. CISA (the U.S. Cybersecurity and Infrastructure Security Agency) has confirmed it is assisting the state in its investigation.
Governor Joe Lombardo’s office stated that recovery is ongoing and that each agency will provide updates on reopening and alternative access options. “The State will not ask for your password or bank details by phone or email,” officials stated. Some residents expressed confusion and frustration, especially those needing DMV-related services or accessing social support systems.
On social media, some Nevadans questioned whether offices were fully closed due to conflicting reports, while others noted a lack of communication or notification about the incident.
Ransomware is a type of malware that locks or encrypts a victim's data, followed by demands for payment (usually in cryptocurrency) in exchange for restoring access or preventing the release of stolen information.
They often hold sensitive personal data, run essential services, and may lack strong cybersecurity resources, making them attractive targets for financially motivated attackers.
Avoid clicking on unknown links or providing personal details. Verify official updates through trusted channels, and report suspicious messages to state authorities.
Yes. Even after service restoration, attackers may still possess exfiltrated data and can leak or sell it if a ransom is not paid.
Investing in regular security audits, employee training, multi-layered defenses, incident response planning, and partnerships with federal agencies like CISA are main components of a strong cybersecurity posture.