ClearBalance® takes your data security and privacy very seriously and we are committed to safeguarding the information you provide us. Below are details about an email security incident that may have impacted personal information related to certain individuals and how you can find out if you were impacted. We deeply regret that this incident occurred and apologize for any concern it may cause.
What Happened? On April 26, 2021, ClearBalance detected and prevented an attempted unauthorized wire transfer of ClearBalance funds. We immediately engaged a forensic investigator to aid in an investigation and contacted the FBI. Through our investigation, we determined that there was unauthorized access to certain ClearBalance email accounts between March 8, 2021 and April 26, 2021. On June 21, 2021, our investigation also determined that there was unauthorized access to emails that contained certain individuals’ personal information. This incident did not impact our corporate networks or software, and did not involve the systems, databases, or medical records systems of any hospital, healthcare provider, or bank. Again, at this time, we have no evidence of any fraud or misuse of your information.
What Information is Involved? The personal information impacted by this incident is detailed in the letter impacted individuals were sent. This may have included Name, tax ID, Social Security number, date of birth, other government-issued ID, telephone number, healthcare account number and balance, date of service, ClearBalance loan number and balance, personal banking information (such as the financial institution name, account number and routing number, but not your PIN or access code), clinical information, health insurance information, and full-face photographic image. This is a sample of personal information. It doesn’t mean that all of these categories of information were exposed for every individual. Our review of the data was extensive, and all potentially impacted individuals were notified by written letters that were sent via U.S. Mail on July 9, 2021.
What Are We Doing? Data security is a top priority for ClearBalance and upon learning of the incident, we immediately took significant steps to enhance security safeguards for information in our care. These measures included changing all user account passwords, implementing stronger access controls in the cloud email environment, and providing updated procedures for reporting suspicious activity. Of course, we will remain vigilant and continue to augment our security as new threats emerge and evolve.
What Can Impacted Individuals Do? We strongly encourage all potentially impacted individuals to be on the alert for any suspicious activity on their accounts and to take advantage of the services and tools ClearBalance is offering to help protect your information from theft and abuse. Information on these complimentary identity protection and credit monitoring services is detailed in the letter that impacted consumers were sent. Please visit this dedicated website for more details about the services and to enroll. https://response.idx.us/clearbalance