Cyber Incident Victim: Homebridge
Date:
Jan 2015
Location:
United States of America
Summary
A California-based home care services provider experienced a cybersecurity incident where malware compromised internal systems, enabling unauthorized access to human resource records containing employee names, addresses, and Social Security numbers. The stolen data was subsequently linked to fraudulent tax filings submitted to the IRS on behalf of affected personnel. Following the breach, the organization engaged forensic experts to investigate, removed the malicious software, and implemented enhanced security measures. Impacted individuals received notifications and were offered complimentary identity protection and credit monitoring services for one year.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In early 2015, Homebridge (formerly known as In-Home Supportive Services Consortium), a California-based provider of home care services, experienced a cybersecurity incident affecting current and former employees. Between January and March of that year, unauthorized individuals gained access to the organization's human resource records after malware compromised a limited number of Homebridge computers. The breach exposed sensitive personal information including employee names, physical addresses, and Social Security numbers. Subsequent reports indicated that the stolen data had been exploited to file fraudulent tax returns with the Internal Revenue Service, with criminals impersonating Homebridge employees to submit falsified documentation. The organization became aware of both the data compromise and its connection to tax fraud schemes through internal detection mechanisms and external reports. While Homebridge did not publicly disclose the exact number of affected individuals, the breach impacted an undisclosed quantity of current and former staff members whose HR records were accessible through the compromised systems.
Homebridge initiated a multi-phase response upon discovering the incident. The organization retained a specialized data forensics and cybersecurity firm to investigate the breach's origin, scope, and attack methodology. Technical remediation efforts included complete eradication of the identified malware from infected systems and implementation of enhanced security measures across their digital infrastructure. Between the breach discovery and April 13, 2015, Homebridge prepared notification letters to all potentially impacted individuals, detailing the nature of the compromised data and its confirmed misuse in tax-related fraud schemes. The organization offered affected persons complimentary identity protection services and credit monitoring coverage for twelve months at no cost. These notifications were distributed concurrently with the public disclosure of the incident through California's official government portal, ensuring transparency regarding both the data exposure and the criminal misuse of personal information for fraudulent IRS filings.