Lombardo: 90% of Nevada's websites back online after cyberattack

Nevada Governor Joe Lombardo gives further updates on the state’s response to a cyberattack during a press briefing at the Nevada Governor's Office of Economic Development, Thursday, Sep. 4, 2025. Photo by: Wade Vandervort

Ninety percent of public-facing state websites are back up following a cyberattack against Nevada discovered last month, Gov. Joe Lombardo said today.

Nevada’s Department of Motor Vehicles is “100% back online,” the Republican governor said during a news conference. The state’s public notice website is also fully back online, he said.

The “majority” of what still needs to be restored are “very key components of our entire system,” Lombardo said, meaning they require additional due diligence before coming back online. The state’s sex offender registry and gun background check system are still down. 

“While we’re not yet at the finish line, we are moving there faster than expected,” he said, noting that the state has still not seen evidence that Nevadans’ personally identifiable information was compromised in the Aug. 24 cyberattack that struck state operations.

Nevada is implementing new processes to better protect its information, updating password strength standards and “expanding” multi-factor authentication, Lombardo said. The state’s information technology team also issued a statewide password reset “to cut off any compromised credentials,” according to the governor.

“Nearly” every state employee has regained access, Lombardo said. He explained that the state chose not to publicize the reset beforehand to avoid tipping off people looking to take over accounts.

The governor’s office began receiving reports of phishing attempts shortly after news of the reset was reported by local outlets, Lombardo said. The governor couldn’t say whether the phishing attempts were connected to the people behind the original ransomware attack.

While the state normally sees around 150,000 hits on its firewall each day, it has seen an over 300% increase in “direct attack attempts” throughout the recovery process, Lombardo said.

“We will continue to be transparent about what we can responsibly share,” he said. “When operational details could enable copycat attacks or interfere with the federal investigation, we will hold that information back until it’s safe to release.”

Earlier this week, Assembly Speaker Steve Yeager, D-Las Vegas, criticized the “lack of actionable information” released about the cyberattack while announcing the creation of a new legislative working group on cybersecurity. 

“We share the frustration of all Nevadans about the recent cyberattack on the executive branch of government,” Yeager wrote in a press release. “It is clear that legislators must lead the way in gathering the facts and formulating solutions for the next special and/or regular session of the Legislature.”

Assembly Democratic Caucus Chair Elaine Marzola, D-Henderson, said in a statement that they “anticipate the cooperation of key government officials in this process so that we can protect Nevadans from future cyberattacks.”

Asked about the new working group, Lombardo said he is supportive of “any endeavour” from the legislature to help prevent similar cyberattacks from happening in the future.

“It, in my opinion, has risen to an emergency,” the governor said. “It’s necessary that we address it sooner than later.”