(844) 627-8267
(844) 627-8267

Has your private info been compromised? These six Texas industries were hacked in 2023 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Texas was among the most targeted locations for cyberattacks in 2023 and some of the state’s biggest companies didn’t make it out of the year without user information becoming available to unauthorized third parties.

Mortgage loan titan Mr. Cooper’s recent data security breach left 14.6 million of its customers’ private information compromised. According to data from Texas Attorney General Ken Paxton’s office, approximately 1,182,962 Texans are affected by the Mr. Cooper data breach.

But the Coppell-based company is far from the only Texas company to have its user information become a target for hackers. Millions of other Texans became victims of cyberattacks in 2023, with a wide net of industries and cities as the target. From health care to banking, it’s possible your data is out there somewhere.

Texas has become the target of cyberattacks due to a lack of investment in cyber protection, said Ram Dantu, director of the Center for Information and Cyber Security at the University of North Texas.

“Foreign actors actively monitor and collect information about the physical as well as cyber networks,” he said. “These industries are heavily understaffed in cybersecurity. These industries need specialized cybersecurity efforts. Moreover, every employee needs to be cyber-trained.”

Health care

Nearly 3 million Texans were affected by cyberattacks involving over 30 health care companies, according to the data from Paxton’s office. But Texas’ biggest 2023 health care cybersecurity attacks originated from the data breach on popular file transfer company MOVEit, which affected 67 million people nationwide including Texas Medicaid recipients.

MOVEit user Bellaire-based Harris Health System announced in July that cybercriminals had gained unauthorized access to and downloaded patient information. Though the company said not every patient was affected, Paxton’s office estimated around 229,195 Texans were hit.

Even non-MOVEit users weren’t spared. Houston’s Harris Center for Mental Health didn’t use MOVEit, but in November 2023, a ransomware attack encrypted employee files and made them temporarily inaccessible. Approximately 446,749 Texans were affected by that, according to Paxton.

Further west, San Antonio-based CentroMed, one of the largest clinic operators in the area, announced in August that hackers gained access to past and current patient information. The attack, which affected roughly 350,000 Texans, has resulted in two separate class-action lawsuits filed in district and federal courts against the company.

The lawsuits allege the company failed to uphold HIPAA by not protecting customer data. The district court lawsuit is seeking $1 million, while the federal court lawsuit is looking for $5 million.

The federal suit was filed by Joe Kendall and his law firm, Kendall Law Group. It’s the same firm that filed the federal suit against Mr. Cooper.

Dallas health services also weren’t left out. Beyond the ransomware attack on the city that affected over 26,000 people, companies like Home Care Providers of Texas, Greater Dallas Healthcare Enterprises and the UT Southwestern Medical Center all experienced data breaches. Those involved nearly 200,000 Texans.

Financial services

Financial firm Charles Schwab, which is completing work on its fourth office building at its Westlake corporate campus, was also a victim of the MOVEit data breach. Though the attack didn’t impact the company’s business operations or other systems, the incident affected TD Ameritrade, a Charles Scwhab affiliate.

In August, the company said less than 0.5% of its clients were affected. That included about 5,000 Texans, according to Paxton. Since then, the company has been hit with a class-action lawsuit in Nebraska federal court for negligence, unjust enrichment and breach of implied contract.

Dallas-based PlainsCapital Bank also got caught up in the MOVEit data breach. The bank has over 60 locations in the state and is considered one of the largest independent banks in Texas. More than 170,000 Texans were affected by that, according to Paxton.

The MOVEit breach also hit 54,950 of Austin-based University Federal Credit Union’s users.

Even without MOVEit, financial institutions like San Antonio-based Generations Federal Credit Union, Irving-based Populus Financial Group, Inc., Amarillo-based Happy State Bank and San Antonio-based giant USAA were struck by cyber attacks. Over 50,000 Texans became victims in those four data breaches, according to Paxton.


In October, West Texas Gas filed a notice of a data breach that affected 44,916 Texans, according to Paxton. When hackers gained access to WTG’s system and customer information, they copied and deleted certain confidential files.

WTG, which operates over 1,800 miles of natural gas transmission pipelines in Texas, New Mexico and Oklahoma, has at least five law firms investigating the company. However, since November, no evidence of identity theft has been reported, according to Bloomberg.

Even international companies like London, England-based Shell were affected by the MOVEit data breach. Though the attack targeted employees within the company’s Australian BG Group, 737 Texans were affected, according to Paxton.


Nearly 40,000 Texans saw their information compromised in a cybersecurity attack on MAC Pizza Management. The College Station-based company, which owns and operates 99 Domino’s Pizza stores in Texas, said a hacker gained access to employee information and potentially driver license numbers.

A lawsuit against the Domino’s franchisee claimed the company used outdated software. However, the case was terminated in late September.

Fort Worth-based food and alcohol distributor Ben E. Keith Company filed a data breach notice in Texas in December. The company didn’t say how hackers were able to access consumers’ information, leading some experts to believe the attack did not involve malware or ransomware, said identity and crediting monitoring service IDStrong.

The company serves over 62 Texas counties and is a provider of Anheuser-Busch products. About 30,801 Texans were affected, according to Paxton, and a class-action suit has been filed.

Earlier in the year, Houston-based food product distributor Sysco Corp. had a data breach that exposed the information of 126,000 people. Starting in January 2023, hackers stole info related to business operations, customers and employees. After 14,639 Texans were affected, a suit alleging that Sysco failed to protect individuals was filed in federal court.


Hackers broke into a database in April that contained the information of pilots’ applicant data for two of Dallas-Fort Worth’s biggest airline companies, American Airlines and Southwest Airlines. Though the attack targeted Austin-based recruiter Pilot Credentials, it affected 5,745 applicants for American and 3,009 for Southwest.

Nearly 2,000 of those affected were Texans, according to Paxton’s office. American said the hack didn’t involve the company’s internal systems or customer data.


Even mercurial billionaires like Elon Musk can’t escape hacks. In May, Austin-based Tesla experienced a data breach that didn’t involve a third party infiltrating the company or malware.

Instead, the company said two of its former employees were responsible for a data leak that exposed the private information of 75,000 employees. Musk also didn’t escape unscathed as his Social Security number was one of many found in the files.

Tesla then filed a suit against the two employees it claims were at fault for the leak. But in September, Tesla employees turned the tables on the company when they filed a class-action lawsuit for failing to protect their information. Over 2,000 Texans were affected by the leaks, according to Paxton.

What can Texas do?

As hackers and their malware continue to get smarter, UNT’s cyber security expert Dantu said Texas companies and government agencies need to ramp up cyber protection efforts.

“Texas needs to invest in its workforce in cybersecurity, more training of employees, and universities need to create more cybersecurity-related courses and tools so that the next generation can secure the cyber-physical systems like oil, gas, power, energy, and other sectors,” Dantu said. “Equally important, Texas also needs to attract startup companies for innovation in the above domains.”


Click Here For The Original Story From This Source.

National Cyber Security