CyberSecurity news
FlagThis
Bill Toulas@BleepingComputer
//
The State Bar of Texas has confirmed a data breach following a ransomware attack claimed by the INC ransomware gang. The breach, which occurred between January 28 and February 9, 2025, involved unauthorized access to the organization's network, leading to the exfiltration of sensitive information. The incident was discovered on February 12, 2025, prompting immediate action to secure the network and initiate an investigation with the assistance of third-party forensic specialists. The organization is the second-largest bar association in the United States, with over 100,000 licensed attorneys, regulating the legal profession in Texas by overseeing licensing, continuing legal education, ethical compliance, and disciplinary actions.
Approximately 2,700 individuals were affected by the breach. The compromised data includes full names, Social Security numbers, financial account details such as credit and debit card numbers, driver’s licenses, and medical and health insurance details. The exposure of such a wide array of sensitive information poses significant risks of identity theft and financial fraud. The Texas State Bar has emphasized that there is no current evidence of misuse or fraudulent activity involving the compromised data but is urging affected parties to remain vigilant and monitor their financial accounts and credit reports for suspicious activity over the next 12 to 24 months.
In response to the data breach, the State Bar of Texas has implemented additional security measures to prevent future incidents and is reviewing its data privacy policies. Affected individuals are being notified directly and offered complimentary credit monitoring services through Experian for a specified period, including features such as credit monitoring, identity restoration support, and identity theft insurance coverage up to $1 million. Recipients were advised to consider activating a credit freeze or placing a fraud alert on their credit files to mitigate potential risks from the data exposure. The incident serves as a wake-up call for legal cybersecurity, highlighting the vulnerabilities inherent in even the most established institutions and emphasizing the need for robust data protection measures.
ImgSrc: www.bleepstatic
References :
Approximately 2,700 individuals were affected by the breach. The compromised data includes full names, Social Security numbers, financial account details such as credit and debit card numbers, driver’s licenses, and medical and health insurance details. The exposure of such a wide array of sensitive information poses significant risks of identity theft and financial fraud. The Texas State Bar has emphasized that there is no current evidence of misuse or fraudulent activity involving the compromised data but is urging affected parties to remain vigilant and monitor their financial accounts and credit reports for suspicious activity over the next 12 to 24 months.
In response to the data breach, the State Bar of Texas has implemented additional security measures to prevent future incidents and is reviewing its data privacy policies. Affected individuals are being notified directly and offered complimentary credit monitoring services through Experian for a specified period, including features such as credit monitoring, identity restoration support, and identity theft insurance coverage up to $1 million. Recipients were advised to consider activating a credit freeze or placing a fraud alert on their credit files to mitigate potential risks from the data exposure. The incident serves as a wake-up call for legal cybersecurity, highlighting the vulnerabilities inherent in even the most established institutions and emphasizing the need for robust data protection measures.
ImgSrc: www.bleepstatic
Share:
References :
- The DefendOps Diaries: Texas State Bar data breach: A wake-up call for legal cybersecurity
- BleepingComputer: Texas State Bar warns of data breach after INC ransomware claims attack
- www.scworld.com: Separate breaches reported by Texas city's utility payment site, state bar
- gbhackers.com: Texas State Bar Confirms Data Breach, Begins Notifying Affected Consumers
- Cyber Security News: CyberPress article on State Bar data breach
Classification:
- HashTags: #Ransomware #DataBreach #Cybersecurity
- Company: State Bar of Texas
- Target: State Bar of Texas
- Attacker: INC Ransomware
- Product: Data
- Feature: Data Theft
- Malware: INC
- Type: Ransomware
- Severity: Major