TPWD disclosed a breach affecting over 3 million Texas residents originating from a cyberattack on an unnamed third-party vendor managing the state’s hunting and fishing license system. No CVE has been assigned, the attack vector is not publicly disclosed, and no patch is applicable. The incident is a third-party risk event with direct relevance to any organization operating under similar contracted licensing or citizen-data service arrangements.