The Nevada's Governor’s Technology Office has released an after-action report on last August's statewide cyberattack.Â
The 2025 Statewide Cyber Incident After-Action Report details Nevada’s 28-day recovery from ransomware attack. The State says guided by pre-established incident playbooks and vendor agreements, the State did not pay a ransom, restored statewide services within four weeks, and recovered approximately 90% of impacted data.
The State says the remaining items, while still in control of the State, were not required for service restoration and are undergoing risk-based review with continued monitoring; the State will take appropriate notification or remediation actions if new information emerges.
By the numbers
- 28 days to full service restoration across affected platforms
- ~90% of impacted data recovered; residual items under risk-based review with enhanced monitoring
- No ransom paid; response executed under cyber insurance and pre-negotiated vendor agreements
- 4,212 overtime hours by 50 State employees, at $210,599.87 direct OT wages (fully-loaded est. $259,037.84)
- $1,314,200 obligated to specialized partners (forensics, recovery, legal, engineering) to accelerate containment and rebuild
The after-action report outlines next-phase modernization, including the pursuit of a centrally managed Security Operations Center and expanded workforce training to sustain resilience against evolving threats.
You can read the full report below -Â
(Office of Governor Lombardo contributed to this report.)
