The “threat actor” who conducted a ransomware attack on the state of Nevada was in the state government’s computer systems as early as three months before, the state revealed in an after-action report released Wednesday.

Nevada’s IT infrastructure was affected for 28 days following the Aug. 24 discovery of a suspicious system outage, the Governor’s Technology Office wrote in a 30-page Statewide Cyber Incident After-Action Report on the cyberattack. It said the state did not pay a ransom and recovered about 90 percent of the affected data.

“Nevada’s teams protected core services, paid our employees on time, and recovered quickly—without paying criminals,” Gov. Joe Lombardo said in a statement announcing the report. “This is what disciplined planning, talented public servants, and strong p

See Full Page