Cyber Incident Victim: Service Coordination Inc.
Date:
Oct 2013
Location:
United States of America
Summary
Service Coordination Inc., a Maryland nonprofit supporting individuals with intellectual and developmental disabilities, experienced a breach compromising personal data of approximately 9,700 clients, including names, Social Security numbers, medical assistance identifiers, Medicaid details, service provider information, and demographic records. An unauthorized individual accessed the organization's systems over a ten-day period, prompting engagement of forensic experts, system security enhancements, and law enforcement involvement that identified a suspect and led to seized equipment. Notification to affected individuals was delayed at the Department of Justice's request to avoid compromising the investigation, with impacted parties later offered identity theft protection services; no evidence of data misuse was found following the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Between October 20 and October 30, 2013, an unauthorized individual accessed computer systems belonging to Service Coordination Inc. (SCI), a Maryland nonprofit providing support services to individuals with intellectual and developmental disabilities. The breach was discovered by SCI on October 30, 2013, when investigators confirmed the intrusion into electronic files containing sensitive client data. Approximately 9,700 clients were affected by the exposure of personal information including full names, Social Security numbers, medical assistance identifiers, Medicaid enrollment statuses, Medicaid Waiver program details, Developmental Disabilities Administration (DDA) service provider assignments, and demographic records tied to SCI’s case management operations. Forensic analysis determined the attacker employed hacking techniques to compromise SCI’s systems, though the specific technical vulnerabilities exploited were not publicly disclosed. Law enforcement agencies immediately initiated an investigation upon notification by SCI, leading to the identification of a suspect whose residence was subsequently searched, resulting in the seizure of computer equipment and digital accounts.
SCI retained forensic consultants to secure its systems against further unauthorized access following the breach discovery. At the request of the Department of Justice, SCI delayed notifying impacted individuals until March 17, 2014, to avoid compromising the ongoing law enforcement investigation. The delayed notification letters informed affected clients about the exposure of their protected health information and offered complimentary identity theft protection services for one year. Executive Director John Dumas publicly reaffirmed SCI’s commitment to safeguarding client data through enhanced security measures, though no specific technical or procedural changes were detailed in available sources. Investigators found no evidence suggesting misuse of the stolen data prior to the seizure of the suspect’s devices. The breach timeline, forensic findings, and law enforcement collaboration were documented in SCI’s official website notification and subsequent regulatory disclosures.