Ransomware Breach at Texas Gas‑Station Operator Exposes 377,000 Social Security Numbers

Gulshan Management Services, Inc., tied to Gulshan Enterprises’ roughly 150 Handi Plus and Handi Stop gas stations and convenience stores in Texas, has disclosed a ransomware attack that exposed personal data for more than 377,000 people, according to a filing with the Maine Attorney General’s Office. The company says attackers gained access to its IT systems via a phishing email in late September and remained inside for about 10 days before deploying ransomware that encrypted files across its network. During that time, the intruders stole names, contact information, Social Security numbers and driver’s license numbers, a combination security experts say can fuel identity theft and account‑takeover fraud for years. Gulshan reports it restored operations from known‑good backups and has not seen a ransomware group publicly claim responsibility, but once data is copied out, it cannot be recovered, leaving affected customers and employees at ongoing risk. The incident underscores how retail and fuel businesses with legacy systems and frontline staff are increasingly targeted in U.S. ransomware campaigns, even though they are not traditional tech firms.