What You Need to Know about the TxDOT Data Breach

The Texas Department of Transportation (TxDOT) is responsible for designing, planning, operating, building, and maintaining the state’s transportation system to deliver a reliable and safe transportation system. It strives to ensure the ease of movement of people and goods through an integrated transportation system, which includes roads, airports, waterways, rail lines, pipelines, and inland and water ports. The Traffic Safety Division (TRF) of the TxDOT is largely responsible for collecting crash records and analyzing crash data in the state.

Recently, hackers targeted TxDOT and downloaded thousands of its crash records. In early June 2025, the department revealed it experienced a data breach in which personal information from about 300,000 crash reports was exposed. Investigation showed that the breach originated from a compromised account that was used to access information stored in TxDOT’s Crash Records Information System (CRIS). CRIS is generally designed to store details regarding traffic crashes and persons involved in those crash incidents.

According to TxDOT’s notification to the state’s Attorney General’s Office, a total of 423,391 Texans were affected by the crash records data breach. However, the number of individuals impacted could be higher, as it is likely that the personal information of residents of other states might have also been exposed by the incident. The data that may have been exposed in the TxDOT crash records data breach includes names (first and last), driver’s license number, physical and/or mailing address, car insurance policy number, and license plate number. Other information, such as crash description or sustained injuries, may have also been exposed by the incident.

When Was the TxDOT Data Breach?

The recent TxDOT data breach in which nearly 300,000 crash records were exposed, was not made public until early June 2025. However, the department stated in its report that the breach started on May 12, 2025. Following the discovery of the suspicious activity, the TxDOT says it immediately disabled access to the compromised account through which hackers accessed its Crash Reporting Information System (CRIS).

Although notification is not required by law in this case, the TxDOT took proactive steps to apprise members of the public by sending notification letters to the affected persons whose data were exposed in the crash records data breach. While the compromise is still being actively investigated, the TxDOT has confirmed it is implementing additional security measures to prevent a future occurrence of this incident. However, no details of those measures were revealed.

How to Check If Your Data Was Breached

You probably would have received a notification letter if your data was breached in the recent TxDOT crash records data breach. If you did not get a letter but wish to confirm if your private information was compromised by the incident, you may use any of the websites that track data breaches. These sites allow members of the public to check if their sensitive or confidential data has been exposed in a known data breach using their email address as the search parameter. However, caution should be taken not to overshare information when using any of these sites.

In addition, to check if your data was breached in the TxDOT data incident, you may want to consider checking your online accounts for any unauthorized activity. If you notice any login or attempted login at an unusual time or from an unknown location, it might be an indication that your personal information has been stolen during the breach. Similarly, difficulty in logging in to your online accounts may indicate your data has been compromised.

Furthermore, reviewing your financial accounts and credit reports may help. If you notice unusual activities on your credit reports or unfamiliar charges on your financial accounts, it may suggest that your confidential data was part of the recent TxDOT data breach.

What to Do If Your Data Was Breached

If your sensitive data was compromised in the TxDOT data breach and you have already received a notification letter, you may contact the department’s dedicated assistance line at 1 (833) 918-5951 toll-free for further inquiries and identity monitoring enrollment. The line is available Monday through Friday, 8:00 a.m. to 8:00 p.m., excluding United States holidays. Ensure the engagement number is written on your notification letter handy, as it will be required during the phone call.

Furthermore, to protect yourself, be cautious of how you engage with any text messages or email messages sent to you regarding the TxDOT data breach. Refrain from sharing any personal details, including bank account information, social security number, physical address, driver’s license number, or any other sensitive information with anyone. In addition, you should consider changing passwords across various online accounts.

Individuals whose data were exposed in the TxDOT data incident may take additional steps to freeze their credit or monitor their credit reports. To monitor your credit reports for any suspicious activity, you may request a free credit report from any of the U.S. big credit bureaus by phone, online, or by mail. To further safeguard your credit, you may ask any of the credit reporting agencies to put a fraud alert on your credit report. Once this is done, no one will be able to open credit accounts in your name for a while, even with compromised data.

Are There Any Lawsuits Because of the Data Breach?

No known lawsuits have been filed regarding the TxDOT crash records data breach as of mid-June 2025. According to the department in a news release, while no current Texas law requires the TxDOT to report the incident publicly, it opted to do so by mailing notification letters to all individuals identified as being impacted by the breach. 

Can My TxDOT Information Be Used for Identity Theft?

Yes. The TxDOT crash records include personally identifiable information sufficient to conduct identity theft. The incident and exposed information present a significant risk to the security and privacy of individuals affected, as compromised information may be exploited for all kinds of malicious purposes.

For instance, hackers may manipulate stolen data and launch social engineering campaigns targeting those impacted with phishing attacks or scams, in addition to exploiting the exposed data to carry out identity theft. Also, the TxTDOT crash reports data breach revealed insurance carriers, detailed records of vehicle registration, and license plates, which hacktivists may use to target people for auto-related fraud or fabricate insurance claims.

Similarly, the hackers could sell stolen information from the TxDOT crash reports data breach on the dark web to other cybercriminals, putting affected individuals at greater risk of further exploitation and future attacks. Using crash data, they could also impersonate insurance agents or law enforcement to swindle unsuspecting victims convincingly.

What Can You Do to Protect Yourself Online?

You may take the following steps to protect yourself online or mitigate the consequences of a data breach, whether or not your sensitive data was compromised in the TxDOT crash records data security incident:

• Always be on the lookout for phishing scams that use fraudulent websites and emails to trick unsuspecting victims into revealing confidential personal and/or financial information. Avoid opening attachments or clicking on links from unfamiliar sources. Also, it is best not to respond to unsolicited emails or text messages.
• Consider using strong passwords on your online accounts, and avoid setting the same or similar passwords across all platforms. Experts often suggest using a mix of lower and uppercase letters, special characters, and numbers when setting a password. Also, do not share your passwords.
• Knowledge is arguably the best form of defense against cyber scams. You can stay abreast of cyber threats and the trends of the latest scams by constantly educating yourself using websites like IDStrong.
• Before entering your financial data on a website while shopping online, confirm that the website uses secure technology. You may do this by checking the web address at the checkout screen. If the web address does not start with “https” and there is no tiny padlock symbol on the page, then the website is likely unsecured, and you should consider canceling the transaction immediately. In addition, refrain from typing confidential information on public PCs. You can never tell if spyware has been installed on them that records your every keystroke.
• Avoid sharing sensitive information over public Wi-Fi networks if you have to use one. Using a home wireless network protected with a password is often recommended.
• You may monitor your credit file using a secure credit monitoring and identity theft protection service. Generally, such services are designed to notify you of changes in your credit reports and may help you recover from identity theft, if any.
• Consider enabling multi-factor authentication on your online accounts where possible. This may reduce the likelihood of falling victim to cyberattacks as it makes online accounts more secure by requesting additional information when trying to access them.
• Keep the operating system and software of your internet devices updated. These include your smartphones and computers.

Contact any appropriate authorities, including the Federal Trade Commission (FTC), whenever you observe any suspicious or unusual activity on your financial or online accounts.