Texas Parks & Wildlife Data Breach Affects 3 Million Individuals

Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affects 3 Million Individuals appeared first on SecurityWeek .

The article reports that attackers compromised a third-party licensing vendor used by the Texas Parks & Wildlife Department, exposing personal data (including driver’s license details, passport numbers, and contact information) of roughly 3 million individuals.[1][3][5] Officials state that Social Security numbers, dates of birth, and financial information were not accessed, and the incident was detected by Texas Cyber Command, prompting investigation and notification.[1][2][5] From a CyberSE.AI perspective, this illustrates a critical AI and IT supply chain risk: sensitive state data was exposed through a vendor system rather than the primary agency, underscoring the need for rigorous third-party risk management, SBOM-style transparency, and continuous security assessments of external platforms that may later be integrated with or feed AI systems. Organizations using external vendors as data sources or operational backends for AI agents should apply formal supply chain security controls, contractual security requirements, and periodic readiness assessments to prevent similar large-scale data exposure.