Texas Data Breach, Gentlemen RaaS, and Apple Privacy Changes: A Week in Security

A data breach at a vendor for the Texas Parks and Wildlife Department has exposed the personal information of more than 3 million individuals, including driver's license numbers. The incident, disclosed this week, underscores the persistent risk posed by third-party access to sensitive government data.

The breach involved the department's license system vendor, though the vendor's name has not been publicly released. The exposed data includes names, addresses, and driver's license numbers for over 3 million people who purchased hunting or fishing licenses through the system.

Gentlemen RaaS Deploys Sophisticated EDR Killer Framework

Separately, cybersecurity researchers at ESET have detailed the inner workings of the Gentlemen ransomware-as-a-service (RaaS) operation, which has claimed 504 victims since its emergence in March 2025. The group's most notable capability is a suite of endpoint detection and response (EDR) killing tools centered on a framework called GentleKiller.

GentleKiller targets 400 processes associated with 48 distinct security programs from multiple vendors. The group uses a bring-your-own-vulnerable-driver (BYOVD) attack technique, exploiting drivers from companies including Kaspersky, FACEIT, and Valorant. ESET researcher Jakub Souček noted the group's ability to operationalize newly disclosed proof-of-concept exploits within days of their public release.

• The group uses third-party tools like HexKiller, ThrottleBlood, and HavocKiller, standardized through a shared defense-evasion layer.
• Affiliates are provided with ready-to-use EDR killers, lowering the barrier for entry into ransomware attacks.
• The group is led by a 36-year-old Russian national, Alexander Andreevich Yapaev, according to reports from Krebs and PRODAFT.

Apple's Hide My Email Change Draws Privacy Backlash

Apple has made a change to its Hide My Email feature that privacy advocates say undermines the service's core purpose. The tweak allows websites to detect when a user is signing up with a masked email address, potentially enabling them to block anonymous sign-ups. Critics argue this move contradicts Apple's long-standing privacy-first marketing.

Meanwhile, the Federal Trade Commission reported that imposter scams cost Americans $3.5 billion in 2025, a figure that continues to rise. And a newly disclosed physical vulnerability in iPhones, while difficult to exploit, could allow jailbreaking and data access, though Apple has not yet issued a patch.

Looking ahead, the Texas breach is likely to prompt further scrutiny of vendor security practices in state governments. The Gentlemen RaaS group's technical agility suggests it will remain a significant threat. Apple's Hide My Email change may push privacy-conscious users to seek alternative masking services.