Texas government data breach allowed hackers to steal 3 million driver's licenses and passports
A data breach involving a Texas Parks and Wildlife Department vendor exposed personal information for over 3 million people. Stolen records include passport numbers and driver's licenses. The vendor is responsible for state hunting and fishing license sales.
What changed
The breach date was identified as June 18, 2026.
Live updates
-
Hackers Steal ID Data of 3 Million Texans via Government Vendor
confidence 90%A data breach involving a Texas Parks and Wildlife Department vendor exposed personal information for over 3 million people. Stolen records include passport numbers and driver's licenses. The vendor is responsible for state hunting and fishing license sales.
What's confirmed:
- Hackers stole personal government-issued ID data from over 3 million Texans.
- The stolen information includes driver's license and passport numbers.
- The breach occurred through a vendor that manages Texas hunting and fishing license sales.
-
Cyberattack Exposes Data of Over 3 Million Texans
confidence 100%A data breach at a Texas Parks and Wildlife Department vendor exposed the personal information of more than 3 million people. Stolen data includes driver's license and passport numbers. The vendor manages the sale of state hunting and fishing licenses.
What's confirmed:
- A cyberattack on a Texas Parks and Wildlife Department vendor exposed information for more than 3 million Texans.
- The stolen data includes passport and driver's license numbers.
-
Texas Parks & Wildlife Vendor Breach Exposes 3 Million IDs
confidence 95%A cyberattack on a third-party vendor for the Texas Parks & Wildlife Department compromised the data of over 3 million hunters and anglers. Stolen information includes passport numbers, driver's license numbers, and contact details. The breach was publicly disclosed on June 18, 2026.
What's confirmed:
- The data breach affected 3,087,721 hunters and anglers.
- Compromised data includes driver's license numbers, passport numbers, email addresses, phone numbers, and residential addresses.
- The breach occurred via a third-party vendor serving the Texas Parks & Wildlife Department.
- The state's cybersecurity unit detected the breach and it was publicly disclosed on June 18, 2026.
- Financial data was not included in the compromised information.
Still unconfirmed:
- There is no evidence of malware, ransomware, or specific threat actor attribution.