Texas State Bar warns of data breach after INC ransomware claims attack

April 3, 2025

State Bar of Texas

The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data.

The State Bar of Texas is the second-largest bar association in the United States, with over 100,000 licensed attorneys. It regulates the legal profession in Texas by overseeing licensing, continuing legal education, ethical compliance, and disciplinary actions.

In a notification letter sent to affected members, the organization states that it suffered a security breach between January 28 and February 9, 2025, but it was only discovered on February 12.

The threat actors were able to steal information from the network, including full names and other data that is redacted in the public data breach notifications filed with Attorney Generals' offices.

"Through the investigation, we determined that there was unauthorized access to our network between January 28, 2025 and February 9, 2025," reads the notice.

"During this time, the unauthorized actor was able to take certain information from our network."

The notice doesn't provide much information about the hacking group responsible for the breach, but the INC ransomware gang claimed an attack against the State Bar of Texas by adding the organization to its dark web extortion page on March 9, 2025.

The threat actors have already leaked samples of allegedly stolen files, including legal case documents.

BleepingComputer could not verify if the leaked data came from the organization's networks and if they were private or publicly available information. Our inquiry to the State Bar of Texas has so far gone unanswered.

Recipients of the data breach notifications are offered free-of-charge credit and identity theft monitoring service coverage through Experian, given until July 31, 2025, to enroll using the enclosed activation code.

Additionally, it is recommended that they consider activating a credit freeze or placing a fraud alert on their credit files to mitigate the risks that stem from the exposure.