The Texas Parks and Wildlife Department (TPWD) has disclosed a data breach involving a third-party vendor that manages its licensing system, exposing personal information belonging to more than three million people.
The incident was discovered by the Texas Cyber Command, which launched an investigation to determine the scope and impact of the unauthorized access. TPWD said there is no evidence that Social Security numbers, dates of birth, or financial information, including credit card details, were compromised.
However, the agency confirmed that the threat actor may have accessed personally identifiable information linked to 3,087,721 hunting and fishing license customers. The exposed data includes driver’s license information, passport numbers, email addresses, phone numbers, and residential addresses.
Security experts warn that the stolen information could be used in phishing and social engineering attacks designed to trick victims into visiting malicious websites, downloading malware, or revealing additional sensitive information.
TPWD said there is no evidence that customers under the age of 18 were affected or that any specific group was targeted in the incident.
The Texas Parks and Wildlife Department oversees wildlife and fisheries management, state parks, conservation programs, boating registration, hunting and fishing regulations, and enforcement activities carried out by Texas Game Wardens. The agency issues hunting and fishing licenses and permits through an external vendor.
BleepingComputer contacted TPWD for additional details about the incident and the identity of the third-party service provider, but the agency has not yet responded.
TPWD said it is working closely with the license system vendor to implement additional safeguards and enhanced monitoring services.
The agency is advising affected customers to monitor their credit reports and financial statements for suspicious activity. Impacted individuals are eligible for one year of free credit monitoring and are encouraged to consider placing a fraud alert or credit freeze with major credit bureaus.
TPWD also urged customers to remain alert for phishing emails, text messages, and impersonation scams, as threat actors may attempt to pose as trusted organizations or government officials.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
Texas License Data Breach Exposes Information of 3 Million Hunters and Anglers
