Education data breach puts 21,000 student loan borrowers at risk

GovEXEC.com ^ | August 24, 2006 | Daniel Pulliam

[APRPEH]

Student loan holders logging on to an Education Department Web site between Sunday night and Tuesday morning exposed their personal identities to others as a result of a glitch in a contractor's efforts to service the site.

As first reported in the Boston Globe Wednesday, as many as 21,000 borrowers in the Federal Direct Student Loan Program could have had their personal data, including Social Security numbers, birthdates and addresses, compromised in yet another government agency data breach.

This incident follows a string of publicized breaches governmentwide, affecting information systems in more than a dozen federal agencies.

Dallas-based Affiliated Computer Services Inc. was performing a software upgrade on the Federal Student Aid Web site when the glitch occurred, an Education Department spokeswoman said. From around 9 p.m. Sunday until 10:15 a.m. Tuesday, users performing a certain task on the Web site would see the personal information of the last person who tried to complete the same task, officials said.

The Web site was partially shut down Monday and another part was shut down Tuesday, according to the spokeswoman.

ACS is offering free credit monitoring for a minimum of one year to all affected students, according to Education's spokeswoman. As of Wednesday, 26 people had contracted the department.

[APRPEH]

whoops! sorry we didnt mean to expose your application to the entire world. here is a year of credit monitoring to show we really do care. really, we do.

[Young Scholar]

Stuff like this is bound to happen when so much information is handled by computer. It really doesn't sound too bad, since only other students would have seen this info (and only one person each, too); I doubt it will result in any fraud.

Credit monitoring sounds like a reasonable offer.

[mtbopfuyn]

In a related story, illegal document forgers celebrated.