In-Home Attendant Services Data Breach Affects 22,100 Individuals

In-Home Attendant Services, Ltd., a Texas-based company, recently disclosed a significant data breach that affected approximately 22,000 individuals across the United States. The breach was reported to the U.S. Department of Health and Human Services on December 20, 2024. While the specific timeline of the breach remains unclear, the incident has exposed a wide range of sensitive personal and financial information.

The compromised data includes:

• Names
• Addresses
• Social Security numbers
• Driver’s license numbers
• Government-issued ID numbers (e.g., passport, state ID card)
• Financial information (e.g., account numbers, credit or debit card numbers)
• Medical information
• Health insurance information
• Dates of birth
• Other unspecified sensitive information

The breach appears to have been severe, given the breadth of information exposed. This type of data could be exploited for identity theft, financial fraud, and other malicious purposes. The breach was reported to authorities such as the U.S. Department of Health and Human Services, but there is no indication yet of how the data was stolen or whether it was the result of a cyberattack, insider threat, or other vulnerabilities.

Notably, the Texas Attorney General’s office has also been informed of the breach. You can view the disclosure on their official data security breach report page.

In-Home Attendant Services' response

In-Home Attendant Services, Ltd. has reported the breach to multiple regulatory authorities, including the U.S. Department of Health and Human Services. While specific details about the company’s immediate response to the breach are not available, it is common practice for organizations to investigate the incident, secure their systems, and notify affected individuals.

If you are a client or employee of In-Home Attendant Services, Ltd., you may receive further communication from the company regarding the breach and any steps they are taking to mitigate potential harm.

Steps to take if you are affected by the data breach

If your information was potentially exposed in this breach, it is important to act quickly to protect yourself. Here are some steps you can take:

1. Monitor your financial accounts and credit reports
1. Regularly review your bank statements, credit card activity, and credit reports for any unauthorized transactions or accounts.
2. You can request a free credit report from each of the three major credit reporting agencies (Equifax, Experian, and TransUnion) at AnnualCreditReport.com.

1. Place a fraud alert or credit freeze on your credit file
1. A fraud alert notifies creditors to verify your identity before opening new accounts.
2. A credit freeze restricts access to your credit report, preventing new accounts from being opened in your name.

1. Change passwords and enable two-factor authentication
1. If you have accounts with In-Home Attendant Services, Ltd., or use the same password elsewhere, update your passwords immediately.
2. Use strong, unique passwords and enable two-factor authentication where possible.

1. Watch for phishing attempts
1. Be cautious of emails, calls, or messages claiming to be from In-Home Attendant Services, Ltd. or other organizations requesting personal information.
2. Verify the legitimacy of any communication before providing sensitive data.

1. Consider identity theft protection services
1. Some companies offer free credit monitoring or identity theft protection after a breach. Check if In-Home Attendant Services, Ltd. is providing this service.
2. Alternatively, you can enroll in a trusted identity theft protection service on your own.

1. Report suspicious activity
1. If you notice any unauthorized activity, report it immediately to your financial institution and local law enforcement.
2. You can also file a complaint with the Federal Trade Commission (FTC) at IdentityTheft.gov.

By taking these steps, you can reduce the risk of identity theft and financial fraud stemming from this breach.