Cyber Incident Victim: Texas Department of Agriculture

On January 6, 2020, the Texas Department of Agriculture (TDA) website was compromised in a cyberattack that replaced its homepage with a pro-Iran image. The defaced page displayed a picture of Iranian General Qassem Soleimani, who had been killed in a U.S. airstrike days earlier, overlaid with the text "hacked by Iranian Hacker" against a black-and-white backdrop. The incident was publicly reported by local news outlet KXAN, prompting immediate state and federal investigations. TDA officials confirmed the website defacement but clarified that no data breach or system infiltration occurred, characterizing the event as superficial rather than a full network compromise. Agency staff resolved the issue rapidly, restoring normal website functionality shortly after detection. The defacement coincided with heightened geopolitical tensions following Soleimani’s death, as Iran had publicly vowed retaliation against U.S. interests.

Texas Governor Greg Abbott subsequently disclosed a significant surge in cyberattack attempts originating from Iran, estimating approximately 10,000 incidents per minute targeting state agency websites in the aftermath of the strike. Abbott urged both public and private sector entities to bolster cybersecurity vigilance amid the elevated threat activity. Federal and state investigators collaborated to assess the TDA incident’s origins, though no attribution details were publicly confirmed. The department reiterated that critical systems and sensitive data remained unaffected, emphasizing the attack’s limited scope to website defacement. This incident exemplified broader concerns about Iran’s potential use of cyber operations as part of its retaliatory measures against U.S. targets during this period of escalated hostilities.