State Bar of Texas confirms data breach following ransomware gang's claims

The State Bar of Texas has confirmed a significant data breach following claims by the INC ransomware group that it had infiltrated the organization’s systems and begun leaking confidential information online. The breach, which occurred between January 28 and February 9, 2025, affects an undisclosed number of individuals, and may involve sensitive data, including legal case documents and personal details.

In formal notifications sent to affected members, the State Bar acknowledged the unauthorized access, stating, “Through the investigation, we determined that there was unauthorized access to our network between January 28, 2025 and February 9, 2025. During this time, the unauthorized actor was able to take certain information from our network.”

Although the full extent of the compromised data has not been publicly disclosed, the breach notification letters confirm that names and other personal information were among the data stolen. Specific details remain redacted in disclosures filed with various state Attorneys General.

The State Bar of Texas, which oversees more than 100,000 licensed attorneys and is the second-largest bar association in the United States, plays a central role in regulating the legal profession in the state. Its responsibilities include attorney licensing, ethical oversight, continuing education, and disciplinary enforcement.

The INC ransomware gang, which has gained notoriety for targeting government and legal institutions, publicly claimed responsibility for the attack by adding the State Bar of Texas to its extortion website on March 9. The group has since posted samples of what it alleges are stolen documents, including legal case files. While the authenticity of the leaked materials has yet to be independently verified, cybersecurity publication BleepingComputer reports that attempts to obtain clarification from the State Bar have gone unanswered.

In response to the incident, the organization is offering affected individuals complimentary credit and identity theft monitoring services through Experian, with an enrollment deadline of July 31, 2025. Members are also being advised to consider placing a credit freeze or fraud alert on their credit reports as a precautionary measure.