Texas Attorney General Ken Paxton issued Civil Investigative Demands to Blue Cross Blue Shield of Texas and Conduent Business Services LLC as part of an investigation into a data breach that exposed the protected health information of approximately four million Texans. The breach, which occurred between October 21, 2024 and January 13, 2025, is believed to be the largest in U.S. history. The investigation focuses on Conduent's security measures and BCBS's compliance with state data protection laws.
In-house legal teams should immediately review all vendor, customer, and data processing agreements where Conduent Business Services LLC or similar service providers handle protected health information or sensitive personal data. Focus on clauses governing data security obligations, breach notification timelines and procedures, compliance with state-specific data protection laws (particularly Texas), data processing addendums, and indemnification/liability provisions. Given the investigation into potential negligence and the scale of the breach, contracts may require amendments to mandate stricter security safeguards (e.g., encryption, access controls), explicit adherence to Texas data protection statutes, clearer breach response protocols, and enhanced audit rights to ensure ongoing compliance and allocate risk appropriately.
Entity
Conduent Business Services LLC
Also known as: Conduent
Industry
TechnologyConduent Business Services LLC (Business Associate, NJ) reported a HIPAA breach affecting 42,616 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton launched an investigation into Meta's Meta AI Glasses over allegations of unlawful facial biometric data collection, deceptive privacy practices, and unauthorized sharing of user data with subcontractors. The investigation follows concerns that the glasses' always-on recording mode lacks proper user notice, planned facial recognition features would collect data without consent, and private user videos are accessed by third-party annotators in Kenya. The AG issued a Civil Investigative Demand to Meta to determine violations of Texas privacy laws.
Texas Attorney General Ken Paxton launched an investigation into Meta regarding its Meta AI Glasses, alleging unlawful collection of facial biometric data, deceptive privacy representations, and unauthorized sharing of user data with subcontractors. The investigation follows concerns that the glasses’ always-on recording mode lacks proper notice, subcontractors access private user content including intimate moments, and Meta plans to deploy facial recognition technology to collect unsuspecting individuals’ facial geometry. The AG issued a Civil Investigative Demand to determine if Meta violated Texas law by deceptively misrepresenting its data use practices.
Texas Attorney General Ken Paxton filed a lawsuit against proxy advisory firm Institutional Shareholder Services, Inc. (ISS) alleging violations of the Texas Deceptive Trade Practices Act by prioritizing political agendas over sound financial guidance in voting recommendations. The lawsuit seeks an injunction to stop deceptive practices and civil penalties of up to $10,000 per DTPA violation. This action follows a 2025 investigation into ISS and peer firm Glass Lewis & Co.
Texas Attorney General Ken Paxton secured a settlement via Assurance of Voluntary Compliance with Albertsons Safeway LLC, prohibiting the company from misting organic produce with synthetic pesticides like ProduceMaxx in all Texas stores. The settlement requires Albertsons-owned grocery chains to stop using synthetic antimicrobial pesticides in misting systems on organic produce and implement potable water rinses for organic produce after any prior treatments. The action follows an investigation launched in January 2026 into undisclosed pesticide use on USDA-certified organic produce.
Texas Attorney General Ken Paxton opened an investigation into the Southern Poverty Law Center (SPLC) over allegations that the organization deceived donors by using millions of dollars in contributions to fund extremist groups including the Ku Klux Klan, which it publicly claimed to oppose. The SPLC was indicted on federal fraud charges in April 2026 for secretly paying leaders of these groups without disclosing the payments to donors. The Texas OAG issued a Civil Investigative Demand to SPLC to probe deceptive donor solicititation and other potential violations of Texas law.