Texas State Bar Hit by Major Data Breach:
The Verdict Is In

The State Bar of Texas, the second-largest bar association in the United States with over 100,000 licensed attorneys, has confirmed a significant data breach. The security incident occurred between January 28 and February 9, 2025, but wasn’t discovered until February 12.

  Who’s Responsible?

The INC ransomware gang has claimed responsibility for the attack. They added the organization to their dark web extortion page on March 9, 2025, and have already begun leaking samples of allegedly stolen files, including what appear to be legal case documents.

INC is a ransomware gang that emerged in July 2023 and targets organizations across various sectors including healthcare, education, and government. Their methods typically involve spear phishing and exploiting known vulnerabilities in software. The group has claimed responsibility for 86 confirmed ransomware attacks, plus another 280 unconfirmed claims. In 2025 alone, INC has claimed seven confirmed attacks and 61 unconfirmed.

  Who’s Affected and What Data Was Compromised?

According to reporting by Comparitech, the State Bar of Texas notified approximately 2,700 Texans about the data breach. The compromised information is extensive and includes highly sensitive personal data:

• Names
• Social Security numbers
• Financial account information including account numbers, credit and debit card numbers
• Driver’s licenses or other government-issued ID
• Medical information
• Health insurance information

The Bar also notified a small number of victims residing outside of Texas, including two in New Hampshire and eight in Massachusetts.

(INC Ransom Extortion Page – Source: BleepingComputer)

  How the Breach Was Discovered and Remediated

During the breach period between January 28 and February 9, 2025, unauthorized actors gained access to the organization’s network and exfiltrated certain information. The breach was discovered on February 12, 2025, and the organization has since launched an investigation.

We don’t yet know exactly how attackers breached the Bar’s network or whether the State Bar paid a ransom. The State Bar of Texas has not verified INC’s claim, and the exact infiltration method remains undisclosed.

  State Bar’s Response and Protection Measures

The State Bar of Texas is offering affected individuals free credit and identity theft monitoring services through Experian. Victims have until July 31, 2025, to enroll using the provided activation code.

Additionally, the organization recommends that affected individuals consider activating credit freezes or placing fraud alerts on their credit files to mitigate potential risks from the exposure.

  Why This Breach Matters

This breach highlights the ongoing threats posed by ransomware groups targeting professional institutions and legal organizations. The exposure of sensitive legal documents could have serious implications for those involved, further emphasizing the need for robust cybersecurity measures.

 How CinchOps Can Help Secure Your Business

Ransomware attacks like the one on the State Bar of Texas are becoming increasingly common across all sectors. Your organization could be next if proper security measures aren’t in place. Here’s how CinchOps can help protect your business:

1. Comprehensive Security Assessments: We identify vulnerabilities before attackers do.
2. Advanced Threat Detection: Our systems can detect unauthorized access attempts early, potentially preventing breaches before sensitive data is compromised.
3. Employee Security Training: Many breaches begin with spear phishing attacks. We train your team to recognize and avoid these threats.
4. Incident Response Planning: If the worst happens, having a plan in place can dramatically reduce damage and recovery time.
5. Data Encryption and Backup Solutions: Protect your sensitive information and ensure business continuity even during an attack.

Discover more about our enterprise-grade and business protecting cybersecurity services on our Cybersecurity page.

Don’t wait until after a breach to take cybersecurity seriously. Contact CinchOps today to learn how we can help secure your organization against sophisticated threats like the INC ransomware gang.

FREE CYBERSECURITY ASSESSMENT