Cybersecurity Incident October 1 2024

WHAT HAPPENED
On October 1, 2024, an email account belonging to a Nevada Judicial Branch employee was compromised and used to distribute sophisticated phishing emails to state employees and other contacts.
This action was quickly reported to the Administrative Office of the Courts (AOC) Cybersecurity team, who immediately took steps to remediate the spread of this phishing campaign and secure the compromised account.
The likely motivation of the malicious actors in this attack was to trick other users into revealing their account credentials, including usernames and passwords.

WHAT WE ARE DOING
We are taking this data breach incident very seriously. Our Cybersecurity team took swift action to shut down the compromised email account and asses the damage as quickly as possible. We would like to thank staff members who applied their regular cybersecurity training and promptly reported the suspicious email activity.

WHAT YOU CAN DO
The most effective actions you can take to protect your information and digital assets are to practice good password hygiene and to stay informed about suspicious activity you should look out for. Critical steps include:

• Change your passwords often, especially after any substantial security event.
• Use strong passwords. (Learn more about strong passwords from the Cybersecurity & Infrastructure Security Agency at https://www.cisa.gov/secure-our-world/use-strong-passwords)
• Learn to recognize and report phishing attempts. Information on how to spot phishing attempts and other tips to protect yourself online are available at https://www.cisa.gov/secure-our-world/recognize-and-report-phishing.

If you ever feel unsure or suspect something is not right, please seek help immediately. If you receive any suspicious communications, verify the source before revealing any personal information.