- Texas Department of Transportation has confirmed a cyber attack
- A threat player used compromised identification information to access the system
- Hundreds of thousands of names, addresses and PII have been exposed
The Texas Department of Transportation (TXDOT), a government agency responsible for supervising the construction, maintenance and exploitation of the state transport system, has undergone a cyber attack and sensitive personal files lost.
The agency confirmed the news in a brief notification published on its website earlier this week.
According to the announcement, a threat player used a compromised government account to access TXDOT systems. After having spotted “an unusual activity” in the Information System on Crash (Cris) files, the agency investigated further and found that the attacker accessed and downloaded, nearly 300,000 planting reports.
The data stolen in the violation include complete names, postal addresses, driving license numbers, license plaque numbers, automotive insurance police and other information (such as prolonged injuries or a description of the accident).
GTA, Minecraft, COD, Sims all have struck
TXDOT said he had immediately disabled access from the compromise account and informed affected people. They were warned to be wary of potential phishing and social engineering attacks, on the theme of car accidents. He also said that he was implementing “additional security measures for accounts” to prevent similar incidents in the future, but has not detailed what these measures are.
This type of information is very useful for cybercriminals. They can use it to send personalized phishing emails, on the theme of something that the victim knows and has interacted in the past. Such phishing attacks are more successful than random generics and can cause identity theft, wire fraud, malware attacks or even ransomware.
Government agencies are a popular target, mainly because they often have information on sensitive citizens. In early April 2025, the Florida State Department underwent a data violation that may have exposed information from 500,000 people, and in August 2024, national public data confirmed that it had been struck by a data violation – and that millions of users were in danger.
At the time of the press, no threat actor claimed this attack.
Via Bleeping Compompute
