Is Your Texas Business In "Safe Harbor"?
Texas SB 2610 rewards any business that maintains a documented cybersecurity program — law firms, medical and dental offices, dealers, CPAs, advisors and more. Enter your domain or email for an instant audit.
Texas Cybersecurity Safe Harbor (SB 2610)
The law scales based on your headcount, not your industry. Maintain a documented program sized to your business to gain an affirmative defense against punitive damages.
Tier 1: Under 20 Employees
Requires strict access controls (unique accounts + least privilege), documented password policies with mandatory MFA, and regular security awareness training.
Tier 2: 20-99 Employees
Requires active asset & software inventory, continuous automated vulnerability management, endpoint protection, and tested data recovery backups.
Tier 3: 100-249 Employees
Requires full alignment with NIST CSF or ISO 27001, advanced 24/7 threat detection, and rigorous third-party risk management.
The Golden Rule: Document everything and formally review your program annually.
Built for your industry
Compliance Looks Different in Every Profession
Same instant audit, tuned to the rules you actually answer to. Pick your field for a tailored breakdown.
Law Firms
SB 2610 Safe Harbor & your duty of competence.
Run a tailored audit →Healthcare & Dental
HIPAA Security Rule risk analysis.
Run a tailored audit →CPA & Tax Firms
IRS Pub 4557 & the FTC Safeguards Rule.
Run a tailored audit →Auto Dealers
The FTC Safeguards Rule for dealers.
Run a tailored audit →Title & Real Estate
Stop wire fraud and email spoofing.
Run a tailored audit →Financial Advisors
SEC Reg S-P, GLBA & FTC Safeguards.
Run a tailored audit →Local Gov & Schools
Texas DIR, HB 3834 & SB 820.
Run a tailored audit →All Texas Businesses
SB 2610 Safe Harbor for any company.
Run a tailored audit →Texas OAG Watch
Inside the Texas Breach Reports: Law Firms
The Texas Attorney General publishes data security breach notices for incidents affecting Texans. Below we spotlight likely law-firm and legal-service entities in that public database — one example of how exposure plays out in a single profession.
Law-Firm / Legal-Service Breach Reports
A filtered review of the Texas OAG Data Security Breach Reports database found likely law-firm or legal-service entities in published breach notices from August 2025 through June 2026.
Largest Reported Breaches
All Listed Law-Firm / Legal-Service Entries
| Law Firm / Legal Entity | Location | Texans Affected | Date Published |
|---|---|---|---|
| Martin Showers Smith & McDonald LLP | Hillsboro, Texas | 457 | Aug 29, 2025 |
| Williams Hart & Boundas, LLP | Houston, Texas | 334 | Sep 22, 2025 |
| Wear, Howell, Strickland, Quinn and Law, LLC | Decatur, Alabama | 676 | Oct 7, 2025 |
| Mehri & Skalet, PLLC | Washington, DC | 505 | Oct 27, 2025 |
| Thompson & Horton LLP | Houston, Texas | 41,222 | Oct 30, 2025 |
| Pillsbury Winthrop Shaw Pitman LLP | Los Angeles, California | 39,573 | Nov 7, 2025 |
| Mehri & Skalet, PLLC | Washington, DC | 3,210 | Nov 21, 2025 |
| TorHoerman Law, LLC | Edwardsville, Illinois | 710 | Dec 19, 2025 |
| Herrman & Herrman PLLC | Dallas, Texas | 13,424 | Dec 22, 2025 |
| Foley & Lardner LLP | Milwaukee, Wisconsin | 876 | Dec 29, 2025 |
| The Reecer Law Firm PLLC | Denton, Texas | 897 | Jan 27, 2026 |
| Wisner Baum LLP | Los Angeles, California | 3,154 | Jan 27, 2026 |
| Fried, Frank, Harris, Shriver & Jacobson LLP | New York, New York | 16,724 | Mar 9, 2026 |
| Gearhiser, Peters, Elliott & Cannon, PLLC | Chattanooga, Tennessee | 3,717 | Mar 17, 2026 |
| Williams Hart & Boundas, LLP | Houston, Texas | 7,844 | Mar 18, 2026 |
| Law Office of Michael R. De La Paz | San Antonio, Texas | 2,000 | Apr 13, 2026 |
| Rodenburg Law Firm | Fargo, North Dakota | 606 | Apr 24, 2026 |
| Martin & Cukjati, LLP | San Antonio, Texas | 897 | May 5, 2026 |
| Sprouse Shrader Smith PLLC | Amarillo, Texas | 17,666 | May 5, 2026 |
| Berger & Williams, LLP | San Diego, California | 312 | May 6, 2026 |
| Dykema Gossett PLLC | Detroit, Michigan | 6,132 | May 28, 2026 |
| Modjarrad & Associates, PC d/b/a MAS Law | Richardson, Texas | 6,220 | Jun 1, 2026 |
Source: Texas OAG Data Security Breach Reports. Entities filtered as likely law firms/legal services by organization name. The OAG does not consistently identify attack methods.