Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: identity-theft (3 articles)Clear

Texas Parks and Wildlife vendor breach exposes 3 million license holders

The Texas Parks and Wildlife Department says a breach at the third-party vendor that runs its hunting and fishing license sales exposed personal data for 3,087,721 customers, in what officials call the state's largest government data breach this year. The exposed information includes driver's license details, passport numbers where provided, email addresses, phone numbers, and home addresses; the department says Social Security numbers, dates of birth, and financial data were not taken. Texas Cyber Command detected the intrusion, which reached customer profile data through the vendor's systems. Because driver's license and passport numbers cannot be reset, affected people face lasting identity-theft and phishing risk.

Check
Texas hunting and fishing license holders should enroll in the offered Kroll credit monitoring before September 14, watch for phishing referencing licenses or state agencies, and review financial statements for fraud.
Affected
The 3,087,721 Texas hunting and fishing license customers whose driver's license, passport, and contact details were exposed through the department's third-party license vendor; minors were reportedly not affected.
Fix
Place a credit freeze or fraud alert with the major credit bureaus, enroll in the free monitoring, and stay alert to identity fraud. Organizations should tighten third-party vendor access controls and monitoring.

JCPenney breach exposes Social Security numbers and tax records of 368,000

Have I Been Pwned has added 368,418 accounts from a breach of JCPenney, after the extortion group ShinyHunters claimed in mid-June it stole data from the retailer and several sister brands under Catalyst Brands and Authentic Brands Group. ShinyHunters says the haul includes highly sensitive employee and customer data: Social Security numbers, dates of birth, W-2 tax forms, payroll records, and scans of government-issued IDs. Unlike passwords, these identifiers cannot simply be reset, raising long-term identity-theft and tax-fraud risk. JCPenney has not confirmed the full scope, and the group has not published samples, but the data types make this a serious exposure.

Check
Current and former JCPenney and Catalyst Brands staff and customers should check Have I Been Pwned, watch for tax, payroll, and identity-themed phishing, and monitor for fraudulent tax filings or new-account activity.
Affected
JCPenney employees and customers, plus those tied to sister brands like Aeropostale, Brooks Brothers, Lucky Brand, and Nautica; exposed Social Security numbers, W-2s, and ID scans carry lasting fraud risk.
Fix
Consider a credit freeze and fraud alert, file taxes early to pre-empt fraudulent returns, reset any reused JCPenney passwords, enable MFA, and treat tax or payroll messages referencing the breach with caution.

French govt identity documents agency ANTS confirms breach - hacker claims 19 million citizen records for sale

France Titres (Agence nationale des titres securises, ANTS), the French government agency responsible for issuing driver's licenses, national ID cards, passports, and immigration documents, has confirmed a security incident on the ants.gouv.fr portal. The agency detected the compromise on April 15 and published an acknowledgment April 20, saying individual and professional account data may have been exposed. On April 16, a threat actor using the alias 'breach3d' claimed responsibility on a hacker forum, alleging theft of up to 19 million records. The attacker says the stolen data contains full names, contact details, birth data, home addresses, account metadata, gender, and civil status. ANTS operates under the French Ministry of the Interior and is the authoritative source for official French identity documents, making any data leak a foundational risk for downstream phishing, social engineering, and identity fraud. The agency has notified France's data protection authority (CNIL), the Paris Public Prosecutor, and national cybersecurity agency ANSSI. ANTS is telling users no action is required but to exercise 'extreme caution' with any SMS, phone calls, or emails claiming to come from the agency - the stolen data is ideal raw material for targeted impersonation scams.

Check
If your business operates in France or handles French citizen data via identity verification, treat every inbound communication appearing to come from ANTS or French government services as potentially part of a phishing campaign over the coming months.
Affected
French citizens and residents with ants.gouv.fr accounts. Businesses operating in France that rely on ANTS-issued documents for KYC/AML checks. Any business with customer bases in France faces elevated phishing risk since the stolen data gives attackers accurate personal details to impersonate official government communications.
Fix
Brief French-based staff and customers that ANTS has been breached and that any unsolicited SMS, call, or email referencing French identity documents should be treated as potentially hostile. Confirm that your KYC verification flows don't rely solely on ANTS-sourced data elements (name, birthdate, address) as proof-of-identity - if that data is now circulating on criminal forums, it can no longer be treated as a strong identity signal. Strengthen inbound email filtering for domains impersonating ants.gouv.fr. Add the 'breach3d' alias and any advertised record counts to your threat intel watchlist for the next 90 days.