**Drury Southwest Reports Data Breach Exposing Sensitive Personal and Health Information**
On December 5, 2025, Drury Southwest, a Texas-based company, notified the state’s Attorney General of a data breach involving unauthorized access to sensitive personal and protected health information. The incident, which remains under investigation, may have exposed a range of data, including names, Social Security numbers, driver’s license details, financial account information, and medical records.
As of December 9, 2025, Drury Southwest has not released further public details about the breach’s scope or the number of affected individuals. However, the company has begun notifying impacted parties, as required by the Texas Attorney General’s breach reporting process. The exact timeline of the unauthorized access and the method used by the threat actor have not been disclosed.
The breach highlights ongoing risks to personal and health-related data, particularly in sectors handling sensitive information. Further updates may emerge as the investigation progresses.
Source: https://straussborrelli.com/2025/12/09/drury-southwest-data-breach-investigation/
TPRM report: https://www.rankiteo.com/company/drury-southwest-inc
"id": "dru1765348159",
"linkid": "drury-southwest-inc",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Impacted individuals',
'name': 'Drury Southwest',
'type': 'Company'}],
'customer_advisories': 'Notices being provided to impacted individuals',
'data_breach': {'personally_identifiable_information': ['Name',
'Social Security '
'number',
'Driver’s license '
'number',
'Financial '
'information (account '
'number, credit or '
'debit card number)',
'Medical information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Identifiable '
'Information',
'Protected Health Information']},
'date_publicly_disclosed': '2025-12-05',
'description': 'Drury Southwest reported a data breach where sensitive '
'personal identifiable information and protected health '
'information may have been accessed by an unauthorized third '
'party.',
'impact': {'data_compromised': 'Sensitive personal identifiable information '
'and protected health information',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'references': [{'date_accessed': '2025-12-09',
'source': 'Attorney General of Texas breach report'}],
'regulatory_compliance': {'regulatory_notifications': ['Attorney General of '
'Texas']},
'response': {'communication_strategy': 'Notices being provided to impacted '
'individuals'},
'title': 'Drury Southwest Data Breach',
'type': 'Data Breach'}