What Happened
In February 2026, Bryan Texas Utilities, a municipal utility, disclosed a ransomware attack affecting approximately 70,000 customers. Billing services were disrupted.
No data has been confirmed exposed at this time, but the operational disruption to critical utility services affected customer billing and support.
Timeline
- February 2026 — Bryan Texas Utilities discloses ransomware attack; billing services disrupted
Impact and Risk Assessment
For Individuals
70,000 utility customers experienced disruption to billing services. While no data exposure has been confirmed, customers should remain vigilant.
For Organisations
Bryan Texas Utilities faced operational disruption to essential billing and customer service functions.
Municipal utilities across the United States face similar ransomware risk with often limited cybersecurity budgets.
Regulatory Context
Municipal utilities are considered critical infrastructure. CISA provides guidance and resources for utility cybersecurity, though compliance is largely voluntary for municipal entities.
What Should You Do?
For Individuals
- Monitor your utility account for billing discrepancies that may have occurred during the service disruption.
For Security Professionals
- Municipal utilities should prioritise endpoint detection, network segmentation, and tested backup and recovery procedures.
- Engage with CISA's resources for critical infrastructure cybersecurity, including their free vulnerability assessments for government entities.
Learnings and Recommendations
Ransomware attacks on municipal utilities can disrupt essential services for entire communities. Utilities should prioritise endpoint detection, network segmentation, and tested backup and recovery procedures.