Nevada
Nevada ransomware attack started months before it was discovered, per report
LAS VEGAS — State workers were put on paid administrative leave. Nevada residents couldn’t receive their driver’s licenses. Employers were unable to conduct background checks on new hires. These were all effects of a massive cyberattack in Nevada that took nearly a month to fully restore its services.
The ransomware attack – though discovered in August – occurred as early as May when a state employee mistakenly downloaded malicious software, and cost at least $1.5 million to recover, according to an after-action report the state released Wednesday.
“Nevada’s teams protected core services, paid our employees on time, and recovered quickly — without paying criminals,” Gov. Joe Lombardo said Wednesday in a statement announcing the report. “This is what disciplined planning, talented public servants, and strong partnerships deliver for Nevadans.”
The attack came on the heels of a long series of cybercrimes against states and municipalities in recent years.
In 2024, Georgia’s largest county was hit with a cyberattack where hackers shut down office phone lines and threatened to publicly release sensitive data they claimed to have stolen unless officials paid ransom. The ransomware syndicate LockBit took credit for the cyberattack in late January that temporarily crippled government services in Fulton County.
Cybercriminals hacked Rhode Island’s system for health and benefits programs and released files to a site on the dark web in 2024.
The Colorado Department of Transportation’s computer network was targeted in a ransomware attack in 2018 by two Iranian computer hackers, though no money was paid and no information was lost.
When Baltimore was hit in 2019 with a ransomware attack that crippled the city’s services for a month, it was estimated to cost at least $18.2 million. A year before, a ransomware attack slammed Baltimore’s 911 dispatch system.
Nevada officials maintain the state did not pay the ransom, the amount of which was not disclosed. The attacker has yet to be identified, and the incident is still under investigation.
The attack against Nevada was a “fairly large ransomware against a state,” according to Gregory Moody, director of cybersecurity programs at UNLV. This attack was able to spread through the state more quickly because of the decentralized nature of Nevada’s cyber systems, he said.
Nevada’s response time was good compared to others, he said. It typically takes between seven and eight months to discover an attacker in a system, and Nevada officials caught it faster than is usual, Moody said.
The attack cost 4,212 in overtime hours – or about $211,000 in direct overtime wages – and $1.3 million for help from contractors, according to the report. The $1.3 million was paid for by the state’s cyber insurance, according to the governor’s office.
The cost could have been much higher, Moody said. When a data breach targeted the Las Vegas-based MGM Resorts in 2023, it was expected to cost the casino giant more than $100 million.
“I think they got lucky,” said Cameron Call, chief technology officer at the Las Vegas-based cybersecurity company Blue Paladin. “It sounds low compared to some; I don’t know that it’s taking into account the economic cost for the state being down for as long as it was.”
On May 14, a state employee accidentally downloaded a malware-laced system administration tool that was made to mimic a tool frequently accessed by IT personnel, according to the after-action report. That installed a hidden backdoor to give the attacker access, investigators with the cybersecurity firm Mandiant found.
By August, the attacker established encrypted tunnels and used a remote desktop protocol to move across the state’s system, gaining access to the state’s password vault server.
The attacker created a zip file containing sensitive data, including personal information of one former state employee, who was notified, according to the report. Investigators have not found that data was successfully extracted or published on a site.
The report includes steps the state is taking and recommendations to better protect the state in the future, such as creating a centrally-managed security operations center and deploying endpoint detection and response, a platform to improve threat detection.
Cybersecurity experts, however, say those are standard protocols that the state should have been doing for years.
“The recommendations that they put forward are definitely solid, but, you know, they’ve been best practice for quite a while,” Call said.
Marner scored 16 seconds later, when his backhanded shot from near the wall in the right face-off circle was inadvertently knocked into the net by Carolina defenseman Sean Walker, giving Vegas a 2-0 lead.
Marner made it 3-0 at 14:32, 11 seconds after he hit the right post on a breakaway. Brayden McNabb kept the puck in the zone and found Marner low behind all five Carolina skaters, where he scored off a forehand-to-backhand deke for his second goal in 3:50 and Vegas’ third in 4:06.
“‘Nabber’ just coming in on that pinch, just the patience and play he made to me to allow me to get around the net was phenomenal,” Marner said.
Marner’s third goal came off another breakaway. He got loose past Alexander Nikishin, took a pass from Hertl, skated into the right circle and made it 4-0 with a far-side slap shot that went in off Andersen’s blocker at 16:52.
Bussi stopped his penalty shot early in the third to keep it a 4-0 game.
“I’m thinking we need to score that and I’m not lying to you because they came back and scored four,” Tortorella said. “I’m thinking we need another one just to keep on going.”
Martinook made it 4-1 at 7:03, cashing in on a strong forecheck by Seth Jarvis before getting hit from behind by Cole Smith.
“I just think we needed something good to happen,” Martinook said.
Hall cut the deficit to 4-2 at 7:29. Sebastian Aho stole the puck from McNabb in the offensive zone and from below the right circle sent a backhanded pass across to Hall, who scored from the far post.
Staal made it 4-3 at 7:42, scoring from the lower part of the left circle on a deflection of Jaccob Slavin’s shot off the left-wing half-wall.
Carolina also scored three goals on consecutive shots in the third period of Game 2 on Thursday.
Svechnikov tied it 4-4 at 18:18, scoring a power-play goal with Bussi pulled for the extra skater to make it a 6-on-4 situation. After the puck went to the net and got loose, Carolina forward Nikolaj Ehlers was pushed in as Svechnikov found it in the slot and shoved it into the net.
“I’ve experienced a lot of games in playoffs. I haven’t experienced one like this,” Tortorella said. “We could do nothing wrong in the second period and probably did everything wrong in the third period.”
But the game didn’t end there. It continued for 25 minutes and 38 seconds of overtime, until Theodore did the right thing, got the bounce and the reward.
“Not how we drew it up,” Vegas forward William Karlsson said, “but we’ll take it.”
NOTES: Carolina forward William Carrier left the game in the second period with an upper-body injury and did not return. Brind’Amour did not have an update on his status. … The Hurricanes lost in overtime for the first time in the playoffs this season (6-1). … McNabb played with a full cage because of facial injuries he sustained in the first period of Game 2, when he was struck in the face by an Ehlers slap shot. The defenseman played 35:47, finished with two assists, including the setup for Theodore’s winner, and was plus-3.
A high-speed pursuit that began near Battle Mountain ended with an arrest west of Elko after troopers used a tire deflation device to slow a fleeing driver who later ran from his vehicle, authorities said.
On Thursday, June 4, 2026, around 1:30, a Nevada Highway Patrol trooper observed a white Toyota Camry traveling in excess of the posted speed limit near Battle Mountain in Lander County. When the trooper attempted to stop the vehicle, it accelerated to 116 mph. The Camry began passing on the outside shoulder, and the pursuit was terminated in the interest of public safety.
At 2 p.m., another trooper observed the Camry near Carlin on Interstate 80 as it exited via the Central Carlin off-ramp. The vehicle accelerated and traveled west on Chestnut Street, then went south on State Route 278 toward Eureka. The Camry traveled down a mine access road off State Route 278, and the trooper lost visual contact. Additional troopers responded and attempted to locate the Camry along the mine access road but were unsuccessful.
At 3:02 p.m., the vehicle was observed traveling northbound on State Route 278 while being pursued by the Eureka County Sheriff’s Office and Carlin Police Department. Troopers then pursued the Camry on Interstate 80 eastbound from Carlin as it traveled 115 mph.
Troopers successfully deployed a tire deflation device, also known as a Stop Stick, as the vehicle entered the Carlin Tunnel. The Camry slowed to about 80 mph after the left front tire tread separated from the rim. The vehicle continued eastbound on Interstate 80 toward Elko and slowed to 20 mph.
The driver exited the moving vehicle near mile marker 297, about one mile west of the West Elko (State Route 535) interchange, and the vehicle came to rest in the center median. The driver ran south across the eastbound travel lanes and entered the ranching area south of Interstate 80.
For the next 30 minutes, law enforcement pursued the male suspect on foot through various terrain west of the city of Elko. At 3:48 p.m., the suspect was taken into custody without incident.
David Basil Mercer was booked into the Elko County Jail on charges of basic speed, 41+ mph over the posted speed limit; reckless driving; evade, elude or fail to stop; resisting a public officer; using or being under the influence of a controlled substance; possession of a controlled substance; and DUI.
Nevada Highway Patrol thanked its partner agencies, including the Eureka County Sheriff’s Office, Carlin Police Department, Elko Police Department, Elko County Sheriff’s Office, and the Parole and Probation Division of the Nevada State Police.
More than a quarter-million Nevadans had participated in the state’s primary elections as of Friday afternoon, a few hours before the two weeks of early voting concluded.
The 270,008 people who had voted in person or returned a mail ballot amounted to a roughly 11 percent participation rate out of the more than 2.4 million active and inactive registered voters in Nevada as of Monday.
At least 181,139 ballots had been returned statewide, and 86,869 people had voted in person since May 23.
Secretary of State Francisco Aguilar, Nevada’s chief election official, said Friday that the early voting process had proceeded without hiccups, crediting county clerks and election workers.
“Everything has gone very smoothly,” he told the Las Vegas Review-Journal. “Clerks have been preparing for this moment since the day after the 2024 election.”
Aguilar said he otherwise wished turnout was higher.
Nevadans who want to vote in person still have one final chance: on Election Day Tuesday.
Those who wish to mail back their ballots can do so through that day, although Aguilar recommends that they take them to drop boxes or polling locations instead, to ensure that they are counted.
For now, Nevada law allows returned mail ballots to be counted several days after Election Day. Ballots postmarked by Election Day are accepted for up to four days, while mail returned without a legible postmark is accepted for up to three days.
A Supreme Court ruling — which is expected to come down after the primaries — could lead to the reversal of laws in Nevada and about a dozen other states that allow the counting of mail ballots received days after Election Day.
If the higher court rules against Mississippi, whose law was challenged by the Republican National Committee and the Mississippi Libertarian Party, the change could go into effect as early as November’s midterm elections.
“As opposed to any of the president’s executive orders, we can’t challenge a ruling by the U.S. Supreme Court or file a lawsuit against it,” Aguilar said in late May. “We have to accept it.”
About 57,000 Clark County residents had voted early and in person as of Friday afternoon, state data showed. Almost 108,000 had returned their mail ballots.
Aguilar said that he’s been encouraging clerks to push voters whose mail ballots require signature verification, a process known as curing, to get it done as soon as possible.
Clark County had flagged at least 1,621 ballots that needed curing as of Friday afternoon. At least 543 of those voters had since verified their signatures.
There is a plethora of nonpartisan and partisan local, state and federal races on the ballot. Some can be won outright this month. For others, like congressional and the governor’s races, voters will have a chance to dwindle the field that will then face off in November.
Nevada offers same-day, in-person registration for inactive voters, which requires a state identification card. Registered voters can track their ballots at myballot.nv.gov and update their contact information at vote.nv.gov.
Contact Ricardo Torres-Cortez at rtorres@reviewjournal.com.
-
Boston, MA5 minutes agoAroldis Chapman Trade Rumors Heating Up for Struggling Red Sox
-
Denver, CO8 minutes agoChrist in the Heart of the City: Hundreds Join Corpus Christi Eucharistic Procession in Downtown Denver
-
Seattle, WA13 minutes agoWEST SEATTLE SUNDAY: 20 notes, including I-5’s early reopening
-
San Diego, CA20 minutes agoMark Your Mornings: Cloak & Petal is Opening a Japanese-Inspired Café
-
Milwaukee, WI23 minutes ago15 Milwaukee-area champions crowned on Day 2 of WIAA state girls track
-
Atlanta, GA28 minutes agoPride Run ATL kicks off in Midtown Atlanta
-
Minneapolis, MN35 minutes agoAir quality alert issued for western, southern Minnesota
-
Indianapolis, IN38 minutes agoWarm and stormy start, then heat builds deeper into the week | June 7, 2026
