Texas Parks & Wildlife Breach Exposes 3 Million Driver’s License and Passport Records
Texas Parks & Wildlife disclosed a data breach affecting more than 3 million people after the state’s cybersecurity unit detected unauthorized access involving the department’s license system vendor. The exposed data was tied to hunting and fishing license transactions and included driver’s license numbers, passport numbers, email addresses, phone numbers, and residential addresses, according to reporting and statements attributed to the Texas attorney general.
The agency said the intrusion involved a vendor system used to process license information, but it did not identify the vendor or disclose the exact timing or method of the compromise. Officials also did not say whether the attackers had contacted the department, leaving key questions unanswered as the incident stands as one of the largest reported data breaches affecting Texas this year.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Texas Parks & Wildlife discloses breach affecting over 3 million people
Texas Parks & Wildlife disclosed a data breach affecting more than 3 million people after unauthorized access involving the department's license system vendor was detected. Exposed data tied to hunting and fishing license holders included driver's license information, passport numbers, email addresses, phone numbers, and residential addresses.
Texas Parks & Wildlife notifies Texas Cyber Command of vendor breach
Texas Parks and Wildlife said it notified Texas Cyber Command on May 13 after discovering a breach involving an unnamed third-party vendor tied to hunting and fishing license sales. The agency also said its investigation had not yet determined when the breach occurred.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports - Malware News - Malware Analysis, News and Indicators
malware.news
Open sourceTexas gov vendor breach exposes data of 3M hunters, anglers
theregister.com
Open sourceTexas govt data breach exposes over 3 million driver’s licenses
bleepingcomputer.com
Open sourceTexas Parks & Wildlife data breach exposes millions of driver’s licenses, passport numbers | brief | SC Media
scworld.com
Open sourceTexas government data breach allowed hackers to steal 3 million driver's licenses and passports | TechCrunch
techcrunch.com
Open sourceNotification of Data Security Incident - Texas Parks & Wildlife Department
tpwd.texas.gov
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Major Healthcare and Hospitality Data Breaches Expose Millions of Records
Over 4 million Texans have been affected by a significant data breach at Conduent Business Services, marking one of the largest such incidents in U.S. history. The breach has prompted legal action and investigations, with the potential for compensation for impacted individuals. In a separate incident, Doctor Alliance, a healthcare technology firm serving multiple providers, suffered a cyberattack resulting in the theft of over 1.2 million records. Attackers have threatened to release sensitive medical data, including diagnoses, prescriptions, and insurance information, unless a ransom is paid, raising serious concerns about identity theft and medical fraud. Additionally, The Thayer Hotel in New York experienced a breach in which more than 33,000 individuals had personal information stolen, including government-issued IDs and, in some cases, Social Security numbers. The hotel, located near the West Point Military Academy, has offered affected individuals free identity theft protection. While there is no evidence yet of misuse, the stolen data could be leveraged for phishing, identity theft, or malware attacks, especially given the military-affiliated clientele. These incidents highlight the ongoing risks posed by cyberattacks targeting organizations that handle sensitive personal and medical information.
Mar 21, 2026
National Public Data Breach Exposed Social Security Numbers and Personal Records
National Public Data disclosed a security incident affecting a large repository of consumer background-check and people-search information, with exposed data reported to include highly sensitive personal identifiers such as **Social Security numbers**, names, mailing addresses, and other profile details. The company published a breach notice on its website, while an individual notification letter filed with the California Attorney General indicates affected residents were formally notified that their information may have been involved. The incident drew attention because the compromised records appear to involve data commonly used for identity verification and fraud, increasing the risk of **identity theft**, account takeover, and social-engineering abuse. The notification materials show the breach response included direct notice to impacted individuals and guidance on protective steps such as monitoring accounts and credit activity, underscoring the seriousness of the exposure for consumers whose records were held by the data broker.
May 26, 2026
Cyberattack on Nacogdoches Memorial Hospital Exposes Data of 257,073 People
Nacogdoches Memorial Hospital, an independent health system in Texas, disclosed a cyberattack that exposed sensitive information belonging to **257,073 individuals**. The hospital said staff identified an ongoing intrusion on January 31, while a filing to Maine indicated the incident date was January 15, creating some uncertainty around the precise timeline of the breach. The compromised data may include names, contact information, **Social Security numbers**, dates of birth, medical record numbers, account numbers, health plan beneficiary numbers, and in some cases full-face photographs. Reporting indicated the incident had not yet appeared on the U.S. Department of Health and Human Services public breach portal at the time of disclosure, and it remained unclear whether the total affected population included only patients or also employees.
May 25, 2026