A compromised account allowed a threat actor to download sensitive crash data from a state system in May 2025.
The Texas Department of Transportation (TxDOT) confirmed that nearly 300,000 crash records were improperly accessed and downloaded on May 12, 2025. The breach stemmed from the misuse of a compromised user account within TxDOT’s Crash Records Information System (CRIS).
According to the agency, suspicious activity was identified on the same day and traced to the unauthorized account. Access from that account was immediately disabled, and an internal investigation followed.
The stolen crash reports may include the following types of personally identifiable information (PII): full names, physical addresses, driver’s license numbers, license plate numbers, car insurance details, and injury or crash descriptions. While the exact number of affected individuals remains unconfirmed, TxDOT has begun issuing data breach notifications.
Though the agency has not offered identity theft protection or credit monitoring, it is encouraging individuals to remain alert, monitor their credit reports, and consider placing a credit freeze. A dedicated phone support line has been established for questions and assistance.
As of now, no ransomware group or extortion actor has claimed responsibility for the breach, and the specific method used to compromise the account has not been disclosed.
TxDOT stated it has taken steps to block unauthorized access and is enhancing its security protocols. The agency has not released additional details about the identity of the threat actor or the total number of people impacted.
CRIS, or the Crash Records Information System, is TxDOT’s platform for storing and managing crash-related data used by law enforcement, insurers, and transportation planners across Texas.
Agencies use monitoring tools to flag unusual login behavior, such as logins from unexpected IP addresses, rapid data downloads, or activity during off-hours.
While some agencies provide credit monitoring, others opt for lower-cost support measures like phone helplines. Budget, perceived risk, and available resources often influence this decision.
Data in crash reports can be used for phishing, insurance fraud, or targeted scams, especially when combined with other breached information.
Yes. Individuals in Texas can request crash reports through TxDOT’s CRIS platform or contact the department directly for more information about their data.