Harbin Clinic is taking steps to protect patients whose personal information may have been compromised in a recent data breach affecting a third-party vendor, National Recovery Services Inc. (NRS). NRS, a company providing debt collection services for Harbin Clinic’s delinquent accounts, as well as services related to bankruptcies, lawsuits, and patient estate matters, experienced unauthorized access to its network between July 5 and 11, 2024. According to Harbin Clinic, certain files and folders were illegally copied during this period.

The potentially compromised information may have included patient names, addresses, Social Security numbers, dates of birth, financial account information, guarantor information, and medical-related data. “Harbin Clinic apologizes that a vendor entrusted with personal information allowed this to happen and remains committed to protecting the confidentiality and security of the data of its patients,” stated a notification from Harbin’s communication office. Upon learning of the breach in February, and receiving confirmation of the potentially affected records in March, Harbin Clinic immediately blocked NRS’s access to its internal systems.

The clinic also engaged its privacy and cybersecurity teams to investigate the incident and ensure its own systems remained secure. To mitigate potential harm, Harbin Clinic is offering free credit monitoring and identity protection services to individuals whose personal information was potentially impacted.

Patients can access more information about the breach and the protective services being offered through a dedicated call center at 866-408-3081, operating weekdays from 9 a.m. to 6 p.m., or online at HarbinClinic.com/NRSnotice.

While NRS has stated it has no evidence to suggest identity theft or fraud related to the breach, Harbin Clinic is urging potentially affected patients to remain vigilant and take advantage of the offered protective measures.