Ransomware Claim Against Cullen, Haskins, Nicholson & Menchetti

Nevada state officials confirmed Wednesday night that the “security incident” that was detected on Sunday was a ransomware attack, and that while the investigation is still ongoing, it appears the perpetrators stole state data. During a press conference Wednesday evening, Nevada Chief Information Officer Timothy Galluzi shared more details about the cyberattack. While the forensic investigation is still ongoing, Galluzi shared that it has revealed evidence that some state data has been exfiltrated from the state’s system without authorization. He said it is unclear what type of data was stolen. https://hubs.li/Q03G8Dt_0

Nevada state officials confirmed Wednesday night that the “security incident” that was detected on Sunday was a ransomware attack, and that while the investigation is still ongoing, it appears the perpetrators stole state data. During a press conference Wednesday evening, Nevada Chief Information Officer Timothy Galluzi shared more details about the cyberattack. While the forensic investigation is still ongoing, Galluzi shared that it has revealed evidence that some state data has been exfiltrated from the state’s system without authorization. He said it is unclear what type of data was stolen. https://hubs.li/Q03GhTYf0

Nevada state officials confirmed Wednesday night that the “security incident” that was detected on Sunday was a ransomware attack, and that while the investigation is still ongoing, it appears the perpetrators stole state data. During a press conference Wednesday evening, Nevada Chief Information Officer Timothy Galluzi shared more details about the cyberattack. While the forensic investigation is still ongoing, Galluzi shared that it has revealed evidence that some state data has been exfiltrated from the state’s system without authorization. He said it is unclear what type of data was stolen. https://hubs.li/Q03GhT_00

Nevada state officials confirmed Wednesday night that the “security incident” that was detected on Sunday was a ransomware attack, and that while the investigation is still ongoing, it appears the perpetrators stole state data. During a press conference Wednesday evening, Nevada Chief Information Officer Timothy Galluzi shared more details about the cyberattack. While the forensic investigation is still ongoing, Galluzi shared that it has revealed evidence that some state data has been exfiltrated from the state’s system without authorization. He said it is unclear what type of data was stolen. https://hubs.li/Q03GhT380

Shropdoc faces a ransomware threat from the actor cephalus-api with an imminent data release claimed. The incident impacts healthcare services in the United Kingdom. #RansomwareAttack #HealthcareBreach #UnitedKingdom link: https://ift.tt/SFAaRht

Ransomware group Akira threatens to leak 27GB of sensitive data from Mazza Recycling Services, including employee info and financial records, exposing major US corporate security gaps. #DataLeak #MazzaRecycling #USA link: https://ift.tt/5VPsGaN

Ransomware Shutdown in Nevada Underscores Risks to Access, Economic Flow, and Licensing Transparency In the last two weeks, I have experienced delays, non-responses, and a general lack of transparency impacting my work, so a bit of digging was warranted. Nevada’s state systems have now been crippled by a ransomware attack for over a week, and the fallout is far more than technical—it’s tangible. Since August 24, 2025, state services, including DMV branches, websites, and phone lines, have been offline. While 911 and emergency services remain intact, essential functions like driver’s license issuance and benefit access are caught in a limbo of uncertainty. This prolonged outage isn’t just inconvenient—it’s economically disruptive. Local businesses, such as vehicle sellers, cannot complete VIN inspections, halting sales and straining cash flow. The broader community faces cascading delays in registering businesses, renewing rights, or accessing social services via SNAP and Medicaid, where digital portals have failed. Even more troubling is the opacity maintained by state officials. Citizens and professionals—private investigators, compliance officers, consumer advocates—are left navigating an unclear landscape. What happened? What data was stolen? When will services resume? The state remains vague. Governor Lombardo and the Technology Office have avoided giving specifics, saying only that “systems must be validated before we reconnect them,” even as they confirmed data exfiltration. For private investigation licensing and verification, the implications are profound. PI firms and their clients rely on DMV and regulatory databases to validate credentials, track ownership, check backgrounds, and confirm compliance. With these systems offline, due diligence stalls, licensing backlogs mount, and consumer protections erode. This incident is a warning shot. Ransomware isn’t just about encryption—it’s a systemic denial of civic function. And when transparency is sacrificed, trust and economic continuity are jeopardized. Sources KTNV - https://lnkd.in/dnjj4h7u Hoodline -https://lnkd.in/deEYqxqH The Nevada Independent - https://lnkd.in/dBDmyTUT CBS News - https://lnkd.in/dCtcW56a SecurityWeek - https://lnkd.in/dczVpAkC Las Vegas Review-Journal - https://lnkd.in/dfHa5Kdp #DueDiligence #BusinessContinuity #EconomicImpact #PrivateInvestigators #FraudPrevention #Verification #GovernmentTransparency #PublicTrust #Ransomware #CyberSecurity #CyberAttack

A token theft attack doesn’t steal your password. It steals the “keys” that prove you’ve already authenticated. That’s why MFA alone isn’t enough for most businesses. Protecting accounts today needs to include real-time monitoring and alerting for anomalous activity behind the scenes.

Key takeaways to consider if hit with a ransomware attack: -First message matters: start by acknowledging the attack (“we know you’re in our systems”) and open the channel. Don’t be accusatory — you need cooperation. -Ask for clarity early: what data they have (file tree), what they’ve touched, and their proof. These help shape your forensic response. -Negotiate what you will expect if you pay: decryptors, proof of deletion, that stolen info won’t be published. Agree on terms. -Duration: this isn’t resolved in hours. Expect days or weeks of back-and-forth. -Decision over payment: experts lean toward not paying if you don’t have to, but it’s a business risk equation. You need to weigh the damage, legal exposure, reputation, and what you can salvage. https://lnkd.in/e9GzzP5Q

Pennsylvania's AG said his office is making progress on recovering from a ransomware attack discovered three weeks ago Some judges are giving extensions to lawyers and prosecutors due to the cyberattack https://lnkd.in/eN7Tk-cg