“This kind of recovery is never easy,” he said during a press conference Friday. “It requires patience, precision and constant vigilance, but I want Nevadans to know we are making real headway, and every day brings us closer to full restoration.”
State officials learned of a massive ransomware-based cyberattack on Aug. 24 that shut down state websites and computer systems. Officials began working to put systems back online, though they warned it takes time in order to ensure that bad actors no longer have access.
Officials determined later that malicious actors removed state data, though it was unclear what kind of data. Last week Lombardo said it is not believed that state financial data and DMV records were taken. On Friday, the governor said there is still no evidence personal identifying information was compromised.
The public still does not know how the cyberattack occurred, who was behind it or what kind of data was taken. Lombardo was unable to answer any technical information about the attack during the press conference Friday.
BACKGROUND CHECKS, SEX OFFENDER REGISTRY STILL DOWN
The other 10 percent of websites are key components to the state’s systems and require more due diligence to be restored, Lombardo said.
The Department of Public Safety and Governor’s Technology Office continues to work to restore Brady background checks from the National Instant Criminal Background Check System, which requires all federally licensed firearms dealers to run checks of people trying to buy a gun.
Lombardo said restoring that service is a priority, and he expects it will be recovered soon. Until then, the proper sale of firearms cannot occur for new gun purchasers, he said.
Background checks have also been at a standstill for workplaces requiring a background check to onboarding new hires, such as medical facilities.
The sex offender registry database is also still down, but Lombardo said it is a public safety priority to restore that database.
Other systems still down include an e-filing system that workers’ compensation attorneys use to file important case documents. Attorneys warn the system going down will cause a delay in injured workers’ cases being complete.
ADDRESSING EMPLOYEE LOCKOUT
The governor also addressed concerns about a statewide password reset that locked many employees out of their email for hours without warning, impacting their ability to work. Lombardo said the state’s IT teams administered a statewide credential reset as a best practice security measure to remove any compromised credentials.
He added that state employees were not told about the password reset intentionally because broadcasting it would tip off criminals and increase attempts of account takeovers. When news was published about the password reset, the state received reports of phishing attempts and efforts to capture state credentials, Lombardo said.
Nevada has 25,000 employees, and “there isn’t an agency in the world that can transfer the entire agency’s email system seamlessly,” the governor said.
“Unfortunately, some employees were not able to work for several hours, but there’s a lot of functionality with the state employee outside of your traditional email system. They have a lot of responsibilities, and you’re not 100 percent encumbered by the failure or the inability to log into the system,” Lombardo said.
In the 72 hours after his first press conference about the attack, Lombardo said the state defended approximately 150 million hits to its firewalls.
“At this point in the recovery process, my team continues to balance transparency with operational security concerns,” he said.
The state is implementing stronger governance policies and controls, such as requiring a stronger minimum password standard and expanding multi-factor authentication, Lombardo said. Remote access also has been re-established for validated users with multi-factor authentication, he said.
This is a developing story. Check back for updates.
©2025 Las Vegas Review-Journal. Visit reviewjournal.com.. Distributed by Tribune Content Agency, LLC.
