Clearwater Credit Union

The Washington State Office of the Attorney General disclosed a data breach affecting Clearwater Credit Union between May 30–31, 2023, reported on June 30, 2023. The incident exposed sensitive personal information of 518 residents, including full names, Social Security numbers, financial records, and dates of birth. The breach compromised highly confidential data, heightening risks of identity theft, financial fraud, and long-term reputational damage for the institution. While the exact attack vector (e.g., phishing, system vulnerability) was not specified, the nature of the leaked data—particularly SSNs and financial details—suggests a targeted intrusion with severe implications for affected individuals. The breach underscores vulnerabilities in the credit union’s data protection measures, potentially eroding trust among customers and regulatory bodies. No ransomware involvement was reported, but the scale and sensitivity of the exposed information classify this as a high-severity incident with lasting consequences for both the organization and its clients.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=15250

TPRM report: https://www.rankiteo.com/company/clearwater-credit-union

"id": "cle028091825",
"linkid": "clearwater-credit-union",
"type": "Breach",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 518,
                        'industry': 'Financial Services',
                        'location': 'Washington, USA',
                        'name': 'Clearwater Credit Union',
                        'type': 'Credit Union'}],
 'data_breach': {'number_of_records_exposed': 518,
                 'personally_identifiable_information': ['names',
                                                         'Social Security '
                                                         'numbers',
                                                         'full dates of birth'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)',
                                              'Financial Information']},
 'date_publicly_disclosed': '2023-06-30',
 'description': 'The Washington State Office of the Attorney General reported '
                'a data breach involving Clearwater Credit Union. The breach '
                'occurred between May 30, 2023, and May 31, 2023, potentially '
                'affecting the personal information of 518 residents, '
                'including names, Social Security numbers, financial '
                'information, and full dates of birth.',
 'impact': {'data_compromised': ['names',
                                 'Social Security numbers',
                                 'financial information',
                                 'full dates of birth'],
            'identity_theft_risk': 'High (PII exposed)',
            'payment_information_risk': 'High (financial information exposed)'},
 'references': [{'date_accessed': '2023-06-30',
                 'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Washington State '
                                                       'Office of the Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Public disclosure via Washington '
                                        'State Office of the Attorney General'},
 'title': 'Clearwater Credit Union Data Breach',
 'type': 'Data Breach'}