Nevada’s DOI and DMV continue to be impacted by a statewide ransomware attack
The Nevada Division of Insurance (DOI) and Department of Motor Vehicles (DMV) have both been impacted by a ransomware attack on the state’s government agencies.
A Facebook post made by the DOI Wednesday says that their website remains temporarily unavailable. The website still was not working Friday afternoon following the ransomware incident that was identified by the state on Aug. 24.
“We’re grateful to the dedicated teams working tirelessly to restore state systems,” the DOI post says. “Despite these challenges, our Division remains committed to serving consumers and regulating Nevada’s insurance marketplace.”
A post made by the DOI on Aug. 28 said their staff was back in the office with their phone lines working again and email available for most teams.
The Nevada Department of Business and Industry, which was also impacted by the attack, created a new one-page website Wednesday with phone numbers and emails for each division impacted by the attack.
The Nevada Office of Emergency Management (OEM) also created a website with updates on the attack.
It says the state identified the attack early on the morning of Sunday, Aug. 24, and immediately began engaging in around-the-clock recovery efforts. Some systems were taken offline while others are being restored safely in stages.
State and federal teams, including the FBI, are actively investigating the attack, the OEM webpage says.
A forensic review confirms that some data was exfiltrated and moved outside the state network, the webpage says. Media has reported that state officials have not further defined the scope of the data breach but have said no DMV data was stolen.
Gov. Joe Lombardo announced Thursday that the DMV would start processing registrations and title transfers in person, according to local NBC channel News 4. He also said that driver’s license services would open the following day.
He added that to the best of officials’ knowledge, the state’s core financial systems remain secure.
As of Friday, Jaguar Land Rover systems remained disrupted after a cyber attack, according to an incident notification posted on its website.
Late last month, Farmers Insurance released a notice that more than 1 million Farmers Insurance customers had been exposed in a security breach of one of the insurer’s third-party vendors.
BleepingComputer reports that it learned the data was stolen in a widespread Salesforce attack. Salesforce is a cloud-based software company that manages customer relationships, sales, and marketing information for other companies.
ShinyHunters, which also works as Scattered Spider, is believed to be the hacking group involved in the Salesforce attack, according to Bleeping Computer.
Scattered Spider was also suspected in the Erie Insurance hack that occurred in June. The group is known to continue attacks in the same industry. Hacks made against Aflac and Philadelphia Insurance Companies within weeks of Erie’s attack were also suspected to be Scattered Spider.
IMAGE
Photo courtesy of anyaberkut/iStock