The State Bar of Texas, the second-largest bar association in the US, has confirmed a data breach after the INC ransomware gang claimed responsibility and began leaking stolen data. The breach, discovered on February 12, 2025, occurred between January 28 and February 9, 2025.
The attackers gained unauthorized access to the organization’s network, stealing information including full names and other data. While the exact nature of the stolen data beyond names is redacted in public breach notifications filed with Attorney Generals’ offices, the INC ransomware group has already leaked samples of allegedly stolen files, including legal case documents.
INC Ransom extortion page
Source: BleepingComputer
“Through the investigation, we determined that there was unauthorized access to our network between January 28, 2025 and February 9, 2025,” the State Bar of Texas stated in a notification letter to affected members.
“During this time, the unauthorized actor was able to take certain information from our network.”
The INC ransomware gang publicly claimed the attack on March 9, 2025, adding the State Bar of Texas to its dark web extortion page.
It has not yet been independently verified if the leaked data originated from the State Bar’s network or if it constituted private or publicly available information. Attempts to contact the State Bar of Texas for comment remain unanswered.
Affected members are offered complimentary credit and identity theft monitoring services through Experian until July 31, 2025. Activation requires using an enclosed code. The State Bar also recommends activating a credit freeze or fraud alert on credit files as an added precaution.
