TZUTC: -0500   
   MSGID: 866.consprcy@1:2320/105 2c554df3   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   Texas State Bar hit by possible ransomware attack, warns of data breach   
      
   Date:   
   Fri, 04 Apr 2025 15:27:00 +0000   
      
   Description:   
   A data breach notification letter is being sent out as data samples leak on   
   the dark web.   
      
   FULL STORY   
      
   The State Bar of Texas, the official regulatory authority for lawyers in the   
   US state, has confirmed suffering a data breach that resulted in the theft of   
   sensitive member data.    
      
   On February 12, 2025, the State Bar of Texas identified suspicious activity    
   on its network and moved quickly to secure its environment, a data breach   
   notification letter sent to affected individuals reads.Through the   
   investigation, we determined that there was unauthorized access to our    
   network between January 28, 2025 and February 9, 2025.    
      
   The Texas State Bar is responsible for licensing, ethics enforcement, and   
   professional development. Its members are mostly licensed attorneys, and it   
   also provides legal resources for the public and supports the legal    
   profession through education and advocacy.    
      
   INC ransomware    
      
   While the organization did not detail the type of information stolen, or the   
   identity of the attackers, ransomware operators called INC ransomware claimed   
   responsibility for the breach. In fact, the group already leaked samples of   
   the data on the dark web, which include full member names and some legal case   
   documents.    
      
   While the authenticity of the data is yet to be determined, the State Bar of   
   Texas has already offered free credit and identity theft monitoring service   
   through Experian, until July 31 2025.    
      
   Potentially affected individuals are also recommended activating a credit   
   freeze, or placing a fraud alert on their credit files to make sure the    
   attack does not escalate further.    
      
   If the organization is added to a leak site, and samples are available to   
   download, then its safe to assume that the negotiations between the attackers   
   and the victim are ongoing.    
      
   If the archives get removed, then the organization likely paid the ransom   
   demand. If the entire data gets put up for sale (or dumped), then the   
   negotiations most likely broke down.    
      
   Law enforcement agencies advise against paying the ransom demand.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/texas-state-bar-hit-by-possible-ransomw   
   are-attack-warns-of-data-breach   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426