As per reports, on Wednesday (05 November), the Nevada Governor’s Technology Office released its after-action report on the ransomware attack on Nevada state systems on 24 August 2025, after an employee downloaded malware disguised as a common system administration tool from a spoofed website.

• The website was promoted using search engine optimization poisoning. The attack disrupted operations across multiple state offices, including the Department of Motor Vehicles and Nevada Health Authority, and required a full network shutdown and coordinated recovery.
• Recovery took 28 days, during which backup data was deleted, and 90 percent of encrypted data was restored with Dell Recovery Support. No ransom was paid.
• The investigation revealed 26 user accounts were compromised, including administrative-level accounts, and a backdoor was exploited even after malware removal.
• Microsoft assisted in Office 365 recovery, and state employees and retirees were paid on time.