Data Leak Hits Millions Of License Buyers In America's Second-Largest State

Imagine what a scammer could do with your personal data in six months. Depending on what data was mined, a scammer could open credit accounts in your name, drain your bank account, and even share your information on the dark web. It's a potential nightmare that would take you years to resolve, and yes, it could happen to you. The average number of days it takes a company to detect a data breach is a staggering 181, and it then takes, on average, another 60 days to contain it. Meanwhile, you're guessing who accessed your data and what they plan to do with it.

Three million Texas license buyers have been left wondering just that after a data breach involving a vendor associated with the Texas Parks and Wildlife Department license system. The leak was detected by Texas Cyber Command and involves customers of the hunting and fishing license program in the Lone Star State. While their Social Security numbers were not compromised, an unauthorized person was able to access driver's license information, email addresses, phone numbers, residential addresses, and even passport numbers. Birth dates and credit card details were reportedly not exposed, but that may be little consolation to those involved.

Texas Parks and Wildlife assured the public that no customers under the age of 18 were affected by the breach, and it has put additional security measures in place. It's also working with the vendor to ensure such a breach doesn't happen again, but some customers are questioning why so much personal data is necessary for a hunting or fishing license.

These breaches are incredibly frustrating for Americans because we expect our information to be secured. Today, the only surefire way to avoid becoming a victim is to completely opt out of sharing personal data — an impossibility in modern life. When a simple application for a fishing or hunting license can lead to data breaches, what can we do to protect ourselves?

State agencies are a common target for malicious actors. Last year alone, there were thousands of incidents involving these agencies and associated vendors. In Texas, affected customers are being offered one year of free credit monitoring, but there are also steps you can take before a data leak occurs that will help protect your sensitive data.

First, keep your own accounts secure. Use strong, unique passwords, and don't share passwords across multiple accounts. Change your passwords regularly. Update apps and software to ensure that you're taking advantage of critical security updates, and enable two-factor authentication when possible. To protect against identity theft, don't carry your Social Security card with you, but store it somewhere safe and secure. Shred any documents that contain personal information, and regularly review your financial statements and credit reports for irregularities. You can also request a security freeze that restricts access to your credit reports, and if you think you're at risk, a fraud alert will require lenders to take extra steps to confirm your identity.