Nevada state employees and residents are receiving fraudulent emails from legitimate government email accounts, revealing that the August ransomware attack on state systems continues to cause security problems.
On Tuesday, October 28, a phishing email was sent from the official state domain finance.nv.gov. The message appeared to come from Beatriz (Bety) Mena-Ortiz, an Executive Branch Audit Manager with the Governor’s Finance Office. It included a Google Drive link and a password labeled “NGFO,” asking recipients to “review the document below and get back to me at your earliest convenience.”
How the Scammers Got Through
What makes this attack particularly concerning is that the email passed all standard security checks. According to cybersecurity experts who examined the message headers, it came from Microsoft’s Office 365 servers with valid authentication. This means hackers are using actual compromised state email accounts rather than just spoofing addresses.
The big red flag was the Google Drive link. Nevada state employees normally share files through secured SharePoint or Teams systems, not external Google services. This detail tipped off security professionals that something was wrong.
Connection to August Attack
This new incident appears directly connected to the August cyberattack that Governor Joe Lombardo’s office called a “network security event.” During that breach, numerous state websites went offline. Employees had to reset passwords and security tokens. Federal agencies including CISA helped with recovery efforts.
Cybersecurity professionals say this pattern is common. After major breaches, attackers often keep stolen credentials to use later. Sometimes they sell this information to other criminals. The timing — about two months after the original attack — suggests hackers either kept access to state accounts or are using credentials they stole in August.
What This Means for Nevadans
State government email systems are still vulnerable. Despite password resets and federal assistance after the August attack, hackers can still access official accounts to send convincing fake messages.
Anyone who receives emails from Nevada state government should be extra careful. Even messages that look completely legitimate might be scams. The state’s Information Security Department and Internal Audit department haven’t responded to questions about this latest incident.
The Bigger Picture
This situation shows how one cyberattack can cause problems for months afterward. When hackers breach government systems, they don’t just cause immediate damage. They create ongoing vulnerabilities that put citizens’ information at risk.
The fact that official state email servers are still being used to send malicious messages raises serious questions. Did the state fully secure all compromised accounts after the August attack? Are there other vulnerabilities that haven’t been discovered yet?
What You Should Do
If you receive an email from a Nevada state government address, look for these warning signs. Does it ask you to click on Google Drive or other external links? Does it create urgency or pressure you to act quickly? Does it ask for passwords or personal information?
Don’t click on suspicious links, even if the email looks official. If you’re unsure about a message, call the agency directly using a phone number from their official website, not from the email.
State workers should report suspicious emails to their IT departments immediately. Regular citizens who receive these emails can report them to the FBI’s Internet Crime Complaint Center.
Looking Ahead
This breach highlights the ongoing challenges of securing government computer systems. As hackers become more sophisticated, government agencies struggle to keep up. The August attack wasn’t just a one-time event — it created lasting vulnerabilities that criminals continue to exploit.
Nevada officials need to conduct a thorough review of all state email accounts and systems. They should inform the public about what additional steps they’re taking to secure government networks. Citizens deserve to know their information is protected when they interact with state agencies.
Until these vulnerabilities are fixed, everyone needs to stay vigilant. Question unexpected emails, verify requests through separate channels, and never share sensitive information through email links.
The opinions expressed by contributors are their own and do not necessarily represent the views of Nevada News & Views. This article was written with the assistance of AI. Please verify information and consult additional sources as needed.
