- The Texas Department of Transportation confirmed to suffer a cyber attack
- A threat actor used credentials committed to access the system
- Hundreds of thousands of names, addresses and PII were exposed
The Texas Department of Transportation (TXDOT), a government agency responsible for supervising the construction, maintenance and operation of the State transport system, suffered a cyber attack and lost sensitive personal records.
The agency confirmed the news in a brief notification published on its website earlier this week.
According to the announcement, a threat actor used a compromised government account to access TXDOT systems. After detecting “unusual activity” in the Crash record information system (Cris), the agency investigated even more and discovered that the attacker agreed and discharged almost 300,000 shock reports.
Robed data in violation include complete names, postal addresses, driver’s license numbers, registration numbers, automobile insurance policy numbers and other information (such as sustained lesions or shock description).
GTA, Minecraft, COD, Sims All Hit
Txdot said he immediately disabled access from the committed account and notified the affected people. They have been warned that they are careful with possible phishing and social engineering attacks, with the issue of car accidents. He also said he was implementing “additional security measures for accounts” to avoid similar incidents in the future, but did not detail what these measures are.
This type of information is quite useful for cybercriminals. They can use it to send electronic personalized phishing emails, with the issue of something with which the victim is familiar and has interacted in the past. These phishing attacks are more successful than random, generic, and can lead to identity theft, wire fraud, malware attacks or even ransomware.
Government agencies are a popular objective, mainly since they often have information from confidential citizens. At the beginning of April 2025, the Florida State Department suffered a data violation that may have exhibited information of 500,000 people, and in August 2024, national public data confirmed that it was affected by data violation, and that millions of users were at risk.
At the time of publication, no threat actor attributed the responsibility of this attack.
Through Bleepingcomputer
