Cyber Incident Victim: Texas Meter & Device Company

On August 9, 2022, Texas Meter & Device Company (TMD), a Waco-based energy and utilities firm founded in 1937 with 84 employees and $20 million annual revenue, publicly disclosed a data breach through filings with state attorney generals' offices. The incident originated from unauthorized access to TMD's computer network between June 11 and June 15, 2022, during which a hacker maintained persistent access for five days. Upon detecting the intrusion, TMD immediately secured its IT systems, notified law enforcement agencies, and engaged third-party cybersecurity experts to investigate the compromise. The company's forensic review, completed on July 27, 2022, confirmed that threat actors had accessed files potentially containing sensitive consumer information, though TMD did not publicly specify the exact data types compromised. Based on state breach notification requirements, the exposed information likely included highly sensitive personal details of affected individuals.

TMD initiated consumer notification procedures on August 9, 2022, distributing data breach letters to all impacted parties whose information was confirmed as compromised during the month-long forensic examination. The company's investigation timeline revealed a 46-day period between network access termination and completion of data review, followed by 13 days between forensic conclusion and consumer notifications. While TMD did not disclose the attack vector or number of affected individuals, state regulatory filings indicated the breach involved unauthorized access to operational network components that temporarily disrupted certain IT functions. No additional details were provided regarding containment measures beyond system security enhancements, law enforcement coordination, or specific remediation efforts undertaken post-incident. The breach notification letters constituted TMD's primary communication channel to inform consumers about potential exposure of their personal information.