LAS VEGAS (FOX5) — An after-action report on the Nevada cyber security incident that shuttered many state government services for weeks.
In a 30-page document compiled by the Governor’s technology office, officials detailed the 28-day recovery from the cyber attack.
According to the report, the systems were compromised as early as May 14 when a state employee unknowingly downloaded malware. The infiltration remained undetected for more than three months. Attackers were able to access a password vault server to obtain credentials from 26 accounts.
“They meticulously cleared event logs to obscure their activities,” the document stated.
The attacker later deployed ransomware, although officials noted that no ransom was paid during the incident. State officials stated that approximately 90% of the data impacted by the attack was recovered.
The financial impact of the attack totalled approximately $1.3 million for external vendor support, and overtime costs of more than $210,000.
According to the document, only one document containing personal information was accessed, and there was no evidence that any data was taken or leaked in the incident. One former state employee was notified of potential information exposure.
“The resilience shown throughout this event reflects Nevada’s technical capabilities and the dedication of the teams responsible for protecting them,” said Timothy Galluzi, executive director and state chief information officer for Gov. Lombardo’s office.
Copyright 2025 KVVU. All rights reserved.
