🟠High  | Source: The Register — Security
A third-party vendor breach has exposed the personal data of approximately 3 million Texas residents who hold hunting and fishing licences. The incident highlights the ongoing risk posed by state government agencies relying on external vendors to process and store citizen data. While full details of the compromised data types are still emerging, breaches of this scale affecting public-sector licence systems typically expose names, addresses, dates of birth, and contact information.
Security Architect’s Take: Review your vendor risk management programme to ensure third-party processors handling citizen or customer PII are subject to mandatory data minimisation requirements, regular security assessments, and contractual breach notification SLAs — government-facing vendors are a consistently weak link worth prioritising in your supplier audit cycle.
Original advisory: Everything’s bigger and better in Texas – even data breaches