The Texas Parks and Wildlife Division (TPWD) has disclosed an information breach at a licensing system vendor that uncovered the non-public info of greater than 3 million folks.
The Texas Cyber Command found the intrusion and started an investigation to find out the scope and affect of the unauthorized entry. State officers confirmed that monetary info, together with social safety numbers (SSNs), dates of delivery, and bank cards, weren’t affected.
Nonetheless, risk actors could have obtained personally identifiable info associated to three,087,721 Texas looking and fishing license prospects, together with the next information varieties:
- Driver’s license info
- passport quantity
- electronic mail deal with
- phone quantity
- residential deal with
Uncovered information units are enough for hackers to focus on affected people with phishing and social engineering assaults, delivering malware to internet pages or soliciting extra delicate info.
TPWD stated in its information breach notification that there’s “no proof that prospects below the age of 18 have been concerned or that any particular teams have been focused.”
TPWD is the Texas state company chargeable for managing wildlife and fisheries, state parks, conservation applications, looking and fishing laws, boat registration, and Texas Recreation Warden enforcement.
Texas state companies additionally difficulty looking and fishing licenses and permits, that are offered by outdoors distributors.
BleepingComputer has reached out to TPWD for extra particulars on this incident and the title of the third-party service supplier, however has not but acquired a press release.
The company stated it’s “working intently with licensing system distributors to implement new security measures and enhanced monitoring companies.”
TPWD advises prospects to watch their credit score studies and monetary statements. Affected people are eligible for one yr of free credit score monitoring and will think about putting a credit score freeze or fraud alert with the key credit score bureaus as extra safety in opposition to id theft.
We additionally strongly advocate being cautious of phishing and id theft scams, as risk actors could try and ship communications posing as corporations or officers.
Safety groups doc 54% of profitable assaults and difficulty a warning on solely 14%. The remainder strikes invisibly by the atmosphere.
Picus’ whitepaper reveals learn how to take a look at your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
