The Texas Department of Transportation (TxDOT) has reported a significant data breach, revealing that approximately 300,000 crash records were accessed and downloaded by an unauthorized threat actor. The breach, which occurred on May 12, 2025, was traced to compromised credentials that allowed the attacker to gain entry into the TxDOT systems.
In an official announcement, TxDOT confirmed they detected unusual activity within their Crash Records Information System (CRIS) on the date of the incident. Upon further investigation, it was discovered that the unusual access originated from an account that had been compromised. TxDOT acted promptly to disable access from the affected account and is currently assessing the scope of the breach.
The stolen data includes sensitive information such as full names, physical addresses, driver’s license numbers, and vehicle insurance policy numbers, which increases the risk of social engineering, scamming, and phishing attacks targeting the individuals affected by this breach. TxDOT has yet to disclose the total number of individuals impacted.
To mitigate the risks, TxDOT has initiated the distribution of data breach notifications to those affected, advising them to remain vigilant against possible targeted scams using the stolen information. Although no identity theft protection or credit monitoring services were offered, the agency has set up a dedicated support line to assist the individuals in navigating the situation. TxDOT has also urged impacted individuals to monitor their credit reports for suspicious activities and consider action such as credit freezes.
In response to the incident, TxDOT emphasizes that unauthorized access to the compromised account has been blocked and further security measures are being implemented to prevent such breaches in the future.
As of now, no ransomware or extortion groups have claimed responsibility for the attack. Updates will be provided as information becomes available.