More than 200,000 People Potentially Impacted by ClearBalance Phishing Attack

ClearBalance in San Diego, CA, a loan provider that allows patients to distribute the cost of their hospital expenditures, was affected by a phishing attack last March 8, 2021 and workers were fooled into exposing their sign-in credentials.

ClearBalance discovered the email system breach on April 26, 2021 the moment the hacker tried to make a bogus wire transfer. Action was quickly taken to protect the email system and stop more unauthorized access, and the attempt to make a wire transfer did not succeed. No money was moved to the hacker’s account.

A third-party computer forensic team was involved to look into the breach and to figure out if the attacker viewed or acquired any sensitive information. The investigator affirmed that the breach only affected the email system and did not affect any other system and that the unauthorized person was blocked from accessing the email accounts on the day of discovering the breach.

The attacker did not obtain access to the database that holds the health care record systems of any healthcare company; nevertheless, a number of sensitive information was found in email messages and file attachments which were possibly accessed. An analysis of the email accounts’ contents showed they included these data elements:

Names, tax IDs, birth dates, Social Security numbers, government-issued ID numbers, phone numbers, balance amounts, healthcare account numbers, dates of service, ClearBalance loan numbers and balances, private banking details, clinical data, medical insurance data, and full-face photographic pics. Most people didn’t have PHI particularly affected.

Security measures were strengthened to better secure the email system and personal information, all user security passwords were altered, stronger access settings are put in place on the system, and procedures for submitting suspicious activity reports were kept up to date.

The objective of the attack seems to be to make bogus wire transfers instead of getting sensitive information; nevertheless, as a safety measure against identity theft and fraud, ClearBalance provided impacted people with free identity theft protection services, 2 years of credit monitoring services, and payment insurance coverage plus an identity theft insurance reimbursement guide.

The breach was submitted to the HHS’ Office for Civil Rights as impacting 209,719 people.