Nevada State IT Systems Crippled by Cyber Attack
The state of Nevada is grappling with a major cybersecurity incident after a coordinated ransomware attack brought down government websites, offices, and communication platforms. The attack is believed to be the work of three well-known cybercriminal groups: ShinyHunters, Lapsus$, and Scattered Spider.
Nevada Governor Joe Lombardo issued an official statement confirming a network security incident had disrupted the state’s IT infrastructure. However, he stopped short of attributing the attack to any specific group, citing an ongoing forensic investigation.
According to sources, the state’s websites went offline on Sunday afternoon and remained inaccessible through late Monday, August 25, 2025. In response, officials have urged residents to remain vigilant against potential cyber scams and to avoid sharing personal or banking information with unknown callers or email contacts, warning that attackers often attempt to exploit stolen data through phishing or fraud.
Interestingly, a similar cyberattack was reported in Maryland, where government services have also been disrupted since early last week.
Nissan Targeted by Qilin Ransomware Group
Meanwhile, Japanese auto manufacturer Nissan has fallen victim to a cyberattack orchestrated by the Qilin ransomware group—an increasingly active threat actor known for targeting organizations in the finance, automotive, manufacturing, and healthcare sectors.
The attack specifically targeted Nissan’s design subsidiary, Creative Box Inc. (CBI), leading to the theft of approximately four terabytes of sensitive data. The stolen data reportedly includes future 3D vehicle model designs, internal financial documents, virtual reality design files, and proprietary images.
CBI promptly notified Nissan of the breach and initiated an incident response plan, which included halting further unauthorized access and contacting law enforcement.
On August 20, 2025, Qilin publicly disclosed the attack on a dark web breach forum. Evidence of the data theft was also posted, likely in an attempt to pressure Nissan into paying a ransom. CBI had discovered the breach occurred on August 16.
Despite the threat, Nissan has refused to comply with the hackers’ demands. Instead, the company has engaged a cybersecurity firm to assist in the investigation and recovery efforts.
Join our LinkedIn group Information Security Community!
