Is Your Law Firm Currently In "Safe Harbor"?
Texas SB 2610 requires documented cybersecurity. Enter your domain or email for an instant audit.
Texas Cybersecurity Safe Harbor (SB 2610)
The law scales based on your firm's size. Maintain a documented program to gain affirmative defense against punitive damages.
Tier 1: Under 20 Employees
Requires strict access controls (unique accounts + least privilege), documented password policies with mandatory MFA, and regular security awareness training.
Tier 2: 20-99 Employees
Requires active asset & software inventory, continuous automated vulnerability management, endpoint protection, and tested data recovery backups.
Tier 3: 100-249 Employees
Requires full alignment with NIST CSF or ISO 27001, advanced 24/7 threat detection, and rigorous third-party risk management.
The Golden Rule: Document everything and formally review your program annually.
Texas OAG Watch
Law Firms Listed in Texas Breach Reports
The Texas Attorney General publishes data security breach notices for incidents affecting Texans. The list below highlights likely law-firm or legal-service entities found in that public database.
Law-Firm / Legal-Service Breach Reports
A filtered review of the Texas OAG Data Security Breach Reports database found likely law-firm or legal-service entities in published breach notices from August 2025 through May 2026.
Largest Reported Breaches
All Listed Law-Firm / Legal-Service Entries
| Law Firm / Legal Entity | Location | Texans Affected | Date Published |
|---|---|---|---|
| Martin Showers Smith & McDonald LLP | Hillsboro, Texas | 457 | Aug 29, 2025 |
| Williams Hart & Boundas, LLP | Houston, Texas | 334 | Sep 22, 2025 |
| Sheheen, Hancock & Godwin, LLP. | Camden, South Carolina | 416 | Sep 26, 2025 |
| Wear, Howell, Strickland, Quinn and Law, LLC | Decatur, Alabama | 676 | Oct 7, 2025 |
| Mehri & Skalet, PLLC | Washington, DC | 505 | Oct 27, 2025 |
| Thompson & Horton LLP | Houston, Texas | 41,222 | Oct 30, 2025 |
| Pillsbury Winthrop Shaw Pitman LLP | Los Angeles, California | 39,573 | Nov 7, 2025 |
| Mehri & Skalet, PLLC | Washington, DC | 3,210 | Nov 21, 2025 |
| TorHoerman Law, LLC | Edwardsville, Illinois | 710 | Dec 19, 2025 |
| Herrman & Herrman PLLC | Dallas, Texas | 13,424 | Dec 22, 2025 |
| Foley & Lardner LLP | Milwaukee, Wisconsin | 876 | Dec 29, 2025 |
| The Reecer Law Firm PLLC | Denton, Texas | 897 | Jan 27, 2026 |
| Wisner Baum LLP | Los Angeles, California | 3,154 | Jan 27, 2026 |
| Fried, Frank, Harris, Shriver & Jacobson LLP | New York, New York | 16,724 | Mar 9, 2026 |
| Gearhiser, Peters, Elliott & Cannon, PLLC | Chattanooga, Tennessee | 3,717 | Mar 17, 2026 |
| Williams Hart & Boundas, LLP | Houston, Texas | 7,844 | Mar 18, 2026 |
| Law Office of Michael R. De La Paz | San Antonio, Texas | 2,000 | Apr 13, 2026 |
| Rodenburg Law Firm | Fargo, North Dakota | 606 | Apr 24, 2026 |
| Martin & Cukjati, LLP | San Antonio, Texas | 897 | May 5, 2026 |
| Sprouse Shrader Smith PLLC | Amarillo, Texas | 17,666 | May 5, 2026 |
| Berger & Williams, LLP | San Diego, California | 312 | May 6, 2026 |
Source: Texas OAG Data Security Breach Reports. Entities filtered as likely law firms/legal services by organization name. The OAG does not consistently identify attack methods.