How many people were affected by the Texas General Land Office breach?

The data breach affected 44,485 Texans who were seeking state disaster relief assistance through the Texas General Land Office's programs.

What caused the Texas General Land Office data exposure?

The breach was caused by a software misconfiguration in the agency's Texas Integrated Grant Reporting system that improperly allowed applicants to access and view other users' sensitive personal information through the platform's search function.

What types of personal information were exposed in the Texas GLO breach?

The exposed data included names and home addresses, Social Security numbers, government identification numbers, banking and financial information, medical information and records, birth dates, and other personally identifiable information.

What is the Texas General Land Office and what services do they provide?

The Texas General Land Office is a state agency that manages public lands and natural resources for Texas. Among its responsibilities, it administers disaster recovery programs that provide relief assistance to victims of natural disasters, including funding for home repairs, rebuilding projects, and property buyouts.

What is the Texas Integrated Grant Reporting system?

The Texas Integrated Grant Reporting system is the online platform used by the Texas General Land Office to manage disaster relief applications and grant reporting. The software misconfiguration in this system allowed unauthorized access to sensitive applicant information through its search function.

Were financial records exposed in the Texas GLO breach?

Yes, banking and financial information was among the types of sensitive data exposed in the breach, potentially putting affected disaster relief applicants at risk of financial fraud and identity theft.

Was medical information compromised in the Texas GLO incident?

Yes, medical information and records were among the exposed data types, which is particularly concerning given the sensitive nature of healthcare information and its potential for misuse.

What years of disaster relief applicants were affected?

The breach affected disaster relief applicants who sought assistance for natural disasters that occurred between 2015 and 2024, representing nearly a decade of vulnerable disaster victims' personal information.

Why is this Texas GLO breach particularly concerning?

This breach is particularly concerning because it affects disaster victims who were already vulnerable and seeking government assistance. The exposure of complete personal profiles including Social Security numbers, financial information, and medical records creates significant risks for identity theft and fraud targeting people who have already suffered from natural disasters.

What should affected Texas disaster relief applicants do?

Affected individuals should monitor their financial accounts and credit reports for suspicious activity, consider placing fraud alerts or credit freezes on their accounts, be alert for phishing attempts or suspicious communications, and contact the Texas General Land Office if they have concerns about their application or personal information.

Incident

Texas General Land Office leaks data of 44,485 disaster victims

Q: How was the Texas GLO vulnerability discovered?

The vulnerability was discovered by a responsible user who was accessing the online grant system and noticed they could view other applicants' private information. This user promptly reported the security flaw to the agency, leading to its discovery and resolution.

published: Sept. 11, 2025

Learn More

The Texas General Land Office leaked the data of 44,485 Texans seeking state disaster relief assistance. The breach was caused by a software misconfiguration in the agency's Texas Integrated Grant Reporting system that allowed applicants to view other users' sensitive personal information through the platform's search function.

The incident was detected in late July 2025 when a user accessing the online grant system discovered they could view other applicants' private information and promptly reported the vulnerability to the agency.

Exposed data included:

Names and home addresses
Social Security numbers
Government identification numbers
Banking and financial information
Medical information and records
Birth dates
Other personally identifiable information

The data breach affected victims of natural disasters that occurred between 2015 and 2024 who were seeking state relief assistance for home repairs, rebuilding projects, and property buyouts through the Texas General Land Office's disaster recovery programs.

Following the disclosure, the agency's information security team fixed the issue and the Texas General Land Office announced plans to improve its internal review processes, implement stricter access controls, and enhance system monitoring and logging capabilities to prevent similar incidents.

Texas General Land Office leaks data of 44,485 disaster victims

Read More
Wayne County, Michigan hit by cyberattack, disrupts services
Cyberattack disrupts online services in Sugar Land, Texas
Florida Second Judicial Circuit reports security incident, Gadsden …
Newburgh city reports ransomware attack
Northern Ireland Department of Education leaks data of …