Drug‑testing firm exposes 748,000 records in breach

Class‑action firms are investigating delayed notifications and handling of personal data exposure.
TADTS, data breach, BianLian, biometric data, Social Security, identity theft, breach notification delay, class action, ransomware leak, financial data exposure, login credentials

In a massive data breach revealed in July 2025, the Texas Alcohol & Drug Testing Service (TADTS) admitted hackers gained access to sensitive information belonging to approximately 748,763 individuals.

Attackers remained inside the network for five days in July 2024 before detection, later leaking hundreds of gigabytes of data via the BianLian ransomware group.

Exposed records include a dangerous mix of personal and financial data—names, Social Security and passport numbers, driver’s licence and bank account details, biometric information, health‑insurance files and login credentials.

The breadth of this data presents a significant risk of identity theft and financial fraud.

Despite identifying the breach shortly after, TADTS delayed notifying those affected until July 2025 and provided no credit monitoring or identity theft services.

The company is now under classic action scrutiny, with law firms investigating its response and breach notification delays.

Security experts warn that the extended timeline and broad data exposure could lead to scams, account takeovers and sustained damage to victims.

Affected individuals are urged to monitor statements, access free credit reports, and remain alert for suspicious activity.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!