The State Bar of Texas has begun notifying thousands of individuals that their personal data was compromised during a ransomware attack earlier this year.
In official letters sent out this week, the organization revealed that it detected suspicious activity within its network on February 12. This prompted an immediate investigation and response to assess the scope of the incident. The investigation later confirmed that an unauthorized party accessed the Bar’s network between January 28 and February 9, stealing files containing sensitive personal information.
The types of compromised data vary per individual. While the publicly released notification letters have redacted those details, filings submitted to the Texas Attorney General’s Office confirm that the exposed information includes Social Security numbers, driver’s license details, government-issued IDs, financial data such as bank account and credit card numbers, as well as medical records and health insurance details.
Although no evidence has emerged of the stolen data being misused, the State Bar of Texas is offering affected individuals 12 to 24 months of complimentary credit monitoring and identity theft protection services as a precaution.
The organization has not disclosed the total number of impacted individuals. However, filings with the attorneys general of Texas, New Hampshire, and Massachusetts indicate that over 2,700 people were affected by the breach.
While the Bar has yet to confirm the specific type of cyberattack, the INC Ransom gang has claimed responsibility. The group added the State Bar of Texas to its leak site hosted on the dark web in late February.
With more than 100,000 active members, the State Bar of Texas ranks as the second-largest bar association in the United States. It plays a crucial role in overseeing the state’s legal professionals, handling attorney licensing, ethical compliance, and disciplinary procedures.
Cybersecurity experts warn that the nature of the exposed information could have serious long-term consequences. Legal documents and personally identifiable information (PII) can be highly valuable to threat actors, potentially affecting not only individual privacy but also legal proceedings and ongoing litigation.
“This breach is especially troubling given the legal sensitivity of the information involved,” said Steve Povolny, Senior Director at Exabeam, in a statement. “The exposure of case files and personal identifiers doesn’t just raise privacy concerns — it could compromise the fairness of legal outcomes.”
