Clearwater vendor accessed by third party, credit union warns

(Missoula Current) Customers of a Missoula-based credit union on Thursday informed customers that one of its vendors experienced a data leak that may have placed their personal information at risk.

Clearwater Credit Union, in a letter, said one of it's file-transfer services known as MOVEit was accessed by an unauthorized third party in mid-June, allowing it to gain access to certain files by the end of the month.

That enabled third parties to access Clearwater documents the following month.

“We received the documents acquired by the third party and determined that the documents contained personal information that included your name, Social Security number (last four digits), account number, email address, and phone number,” Clearwater President and CEO Jack Lawson told customers in a letter on June 30. “This incident did not involve unauthorized access to any Clearwater systems.”

Lawson said the credit union is working with its vendor to further secure customer information. So far, he added, no incidents of fraud or identity theft have been identified.

Still, Clearwater is offering a one-year membership to Experian Identify Works Credit 3B. Lawson said it will not affect one's credit score.

“This product helps detect possible misuse of your personal information and provides you with identity protection services focused on prompt identification and resolution of identity theft,” Lawson said. “We take our responsibility to safeguard your personal information seriously, and we apologize for the inconvenience and concern this incident may have caused you.”

Clearwater also suggested that customers monitor their account statements closely, report any fraudulent activity, and consider getting a copy of a credit report from one of the nation's three credit reporting agencies including Equifax, Experian and TransUnion.

For more information, concerned customers can contact Clearwater's incident response center at 844-825-0299.