More than 3 million Texas hunting and fishing license holders may have had their personal information exposed after a cyberattack targeted a vendor that manages license sales for the Texas Parks and Wildlife Department.
Quick Summary – TLDR:
- More than 3 million Texans were affected by a data breach involving a third party license sales vendor.
- Exposed information may include driver’s license numbers, passport numbers, email addresses, phone numbers, and home addresses.
- Officials said Social Security numbers, dates of birth, and financial information were not compromised.
- Affected customers are eligible for one year of free credit monitoring through Kroll.
What Happened?
Texas Parks and Wildlife has disclosed a major cybersecurity incident involving a vendor responsible for processing hunting and fishing license sales. The breach potentially exposed personal information belonging to more than 3 million license holders across the state.
State officials say an unauthorized actor gained access to customer data, prompting an investigation by Texas Cyber Command, the state’s cybersecurity agency created in 2025 to help defend against growing cyber threats.
Officials said no Social Security numbers, dates of birth, or financial information were accessed, and records belonging to minors were not affected. https://t.co/maha2ecqeA
— CBS News Texas (@CBSNewsTexas) June 21, 2026
Cyberattack Targets License Sales Vendor
According to Texas Parks and Wildlife, the security incident occurred after a third party vendor that manages hunting and fishing license transactions suffered a breach. The incident was detected on June 18, and investigators later determined that customer information may have been accessed by an unauthorized individual.
The potentially exposed information includes:
- Driver’s license numbers.
- Passport numbers, if provided.
- Email addresses.
- Phone numbers.
- Residential addresses.
The agency emphasized that some of the most sensitive forms of personal information were not affected.
Officials said Social Security numbers, dates of birth, and financial information, including credit card data, were not accessed during the breach.
Texas Cyber Command Investigating
The investigation is currently being led by Texas Cyber Command, a state agency established by lawmakers in 2025 to strengthen Texas’ response to cyberattacks and digital threats.
Authorities have not publicly identified the attackers or disclosed how the unauthorized access occurred. The investigation remains ongoing as officials work to determine the full scope of the incident and whether any of the exposed information has been misused.
The breach ranks among the largest reported data exposure incidents in Texas this year due to the sheer number of affected individuals.
Agency Implements New Security Measures
Texas Parks and Wildlife said it has already taken steps to improve security and reduce the risk of similar incidents in the future.
Texas Parks and Wildlife officials said in a statement:
The department said it is working with the vendor to introduce:
- Additional security safeguards.
- Enhanced monitoring services.
- Stronger access controls for customer data.
Officials also confirmed that hunting and fishing license sales will continue as scheduled when the next licensing year begins in August.
Free Credit Monitoring Offered to Affected Customers
To help affected individuals, Texas Parks and Wildlife is offering one year of free credit monitoring through Kroll.
Eligible customers can verify their eligibility by calling 844-959–7123. Enrollment for the service will remain open until September 14, 2026.
The agency is also encouraging customers to take precautionary steps, including:
- Monitoring bank and financial account statements.
- Reviewing credit reports for unusual activity.
- Considering a credit freeze with major credit bureaus.
- Remaining alert to phishing emails, text messages, and unexpected requests for personal information.
Why Hunting and Fishing License Data Matters?
Texas requires hunting licenses for individuals who hunt animals, birds, frogs, and turtles within the state. License fees support a range of conservation and outdoor recreation programs, including fish stocking, habitat restoration, wildlife management, and public hunting opportunities.
Because millions of Texans purchase these licenses each year, the licensing database contains a significant amount of personal information, making it an attractive target for cybercriminals.
SQ Magazine Takeaway
I think this incident is another reminder that third party vendors can become a weak point in the security chain, even when government agencies themselves are not directly breached. While it is encouraging that Social Security numbers and financial information were not exposed, the theft of driver’s license details, passport information, addresses, and contact data still creates serious privacy risks. Anyone affected should take advantage of the free credit monitoring and stay alert for phishing scams that often follow major data breaches.
