CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 29th, 2010

Student Loan Records Stolen From Non-Profit Company, 3.3 Million Identities Compromised

A portable media device, stolen one week ago from a company specializing in student loan bankruptcy services, contained personal identifiable information on over 3.3 million borrowers. The organization will notify the affected individuals and will offer them free credit protection services.

The theft occurred from the offices of Educational Credit Management Corporation (ECMC), one of the top guaranty agencies in the U.S., which is also Department of Education’s designated provider for student loan bankruptcy services. The company discovered the device was missing on Sunday, March 21, but was prevented by the ongoing investigation from disclosing any details until last Friday.

The organization said in a press release that the data contained full names, addresses, dates of birth and social security numbers (SSNs), which, according to legislation in most states, constitute Personal Identifiable Information (PII). The company stressed, however, that no financial data, such as bank account numbers, was compromised as a result of this incident.

There is no information as to whether this was an opportunistic theft targeting the hardware device itself or not. Because if the actual information contained within was the actual target, it would suggest that the perpetrators had inside knowledge and were familiar with the device’s purpose.

“We deeply regret that this incident occurred and the stress it has caused our borrowers and our partners and are doing everything we can to help protect our borrowers’ identity and personal information,” said Richard Boyle, ECMC’s president and CEO. The company will notify the affected individuals via regular mail during the course of the next two weeks.

Experian has been contracted by ECMC to offer free credit protection services to the affected borrowers. This includes credit monitoring, ID theft insurance, fraud alerts and customer support from ID theft specialists.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Massive Data Breach In Eastern Washington University, 130,000 Student Records Exposed
  • School Computer Hacked And Personal Records Stolen By 15-Year-Old Student
  • Disk Containing Data on 17 Million T-Mobile Customers Missing, The Data Is For Sale
  • Former LendingTree Employees Sold Access To Customers Database
  • University Of Utah Hospitals & Clinics Stolen Backup Tape Contained 2.2 Million Billing Records

    • Posted in Breaches And Incidents, Data Theft, Privacy | Print This Post Print This Post

    This entry was posted on Monday, March 29th, 2010 at 3:29 pm and is filed under Breaches And Incidents, Data Theft, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Student Loan Records Stolen From Non-Profit Company, 3.3 Million Identities Compromised

    One Response to “Student Loan Records Stolen From Non-Profit Company, 3.3 Million Identities Compromised”

    1. mike fitz Says:
      March 29th, 2010 at 9:02 pm

      And who is the COO of this organization? Was it someone who resigned in disgrace from the Department of Education? Was it someone whom the Inspector General found to do such a horrible job, it validated the fears everyone had when a former Sallie Mae exec was put in charge of student loan regulation and enforcement. Was the COO responsible for a subordinate and former Sallie Mae Colleague who was recently convicted for taking more than $100k from the very student lenders they were supposed to be regulating.

      That would explain things.

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »