Back to Blog
high severity February 11, 2026 · scope unconfirmed

auxhomeservices.com Listed by incransom Ransomware Group

Aux Home Services is a trusted provider of plumbing, electrical, heating, and air conditioning services in Birmingham, Alabama, along with Jefferson and Shelby counties. They pride themselves on delivering prompt and reliable service, available 24/7, with skilled technicians who respect and clean up after their work. The company emphasizes upfront pricing and quality craftsmanship, ensuring customer satisfaction. Their diverse range of services includes AC and heating installations, plumbing repairs, and electrical systems management. Employees: 50 Revenue: $6.9 Million Industry: Constructi

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed February 11, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On February 11, 2026, Aux Home Services, a plumbing, electrical, heating and air conditioning company serving Birmingham, Alabama and the surrounding Jefferson and Shelby counties, appeared on the leak site of the incransom ransomware group. The posting indicates that internal files were exfiltrated during a ransomware attack on the company, which employs about 50 people and generates roughly $6.9 million in annual revenue.

Confirmed Details from Reporting

Public reporting on the incransom leak site describes the incident as a ransomware attack that resulted in the theft of internal company files. The exact number of customer records affected remains unknown, and the specific types of data exposed have not been detailed in available listings. Aux Home Services provides 24/7 emergency repairs for AC and heating systems, plumbing, and electrical work, meaning customer names, addresses, phone numbers, email addresses, and payment information are likely present in the company’s internal systems.

The breach was publicly listed on February 11, 2026. No deadline for ransom payment or additional details about the volume of stolen data have been disclosed in the primary posting.

Why This Matters for You and Your Family

If you or anyone in your household has used Aux Home Services for repairs in recent years, your personal information may now sit in a ransomware actor’s hands. A single leak of your name, address, phone number, or email can serve as the starting point for identity theft, phishing campaigns, or unwanted solicitations. For families, this risk extends beyond the adult who booked the service: shared email accounts, joint phone numbers, and children’s accounts linked to the same household address can all become targets.

Credential leaks like this one often cascade into gaming account takeovers when the same password has been reused across personal and work-related services.

The Doxxing and Identity-Chain Risk

Once basic contact details leave a company’s network, attackers and data brokers can link them to usernames, social-media handles, and other online footprints. This process, known as identity chaining, can quickly expose your family’s full digital profile. Public records, children’s school information, and even gaming usernames can be stitched together, leading to doxxing, harassment, or targeted scams. What begins as a routine service call can therefore escalate into long-term privacy exposure for every member of the household.

Incransom Group’s Known Track Record

Public reporting attributes the attack to the incransom ransomware group. The group emerged in recent years and has focused primarily on small and mid-sized businesses. Its typical playbook involves gaining initial access, exfiltrating internal files, and then publishing samples on its leak site to pressure victims into payment. Notable prior victims have included other regional service companies, though exact details remain limited in open sources. The group’s extortion style relies on the public embarrassment of leaked data rather than widespread media campaigns.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the included no-subscription cleanup of data-broker listings tied to the Aux Home Services breach.
  • Rotate any password you have reused at auxhomeservices.com or with any Aux Home Services account, and switch to 2FA through an authenticator app rather than text messages.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next leak exposing your family is caught in hours instead of months.
  • Cover the entire household with DoxxScan family protection, which extends to dependents and children’s gaming accounts that often chain back to the same address or parent email.
  • Let remediation specialists handle takedown requests for any newly exposed personal records across data brokers and leak sites.

The Aux Home Services breach is a reminder that even local service providers hold information that can affect your family’s safety for years. Taking concrete steps now limits how far attackers can travel down the identity chain. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4 billion breach records and more than 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Start your DoxxScan trial today to close the gaps this incident created.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.