Millions of student loan accounts exposed in data breach

Data Breach
(Image credit: Shutterstock)

The data of over 2.5 million individuals who have taken out student loans with either the Oklahoma Student Loan Authority (OSLA) or EdFinancial has been exposed in a data breach.

The breach itself was suffered by Nelnet Servicing, a Nebraska-based technology services firm that both loan companies utilized for their web portals.

A letter sent by Nelnet Servicing to the affected providers said that the breach did not involve the leakage of any financial data, but that the exposed information did include full names, physical addresses, email addresses, phone numbers and social security numbers.

Compensation for victims

Markovits, Stock & DeMarco, a US law firm that specializes in data breach cases, is apparently investigating claims on behalf of the victims.

EdFinancial has highlighted that not all their student loan customers were exposed to Nelnet and impacted by the breach.

Both EdFinancial and OSLA are offering customers free 24-month access to Experian's identity protection and credit reporting service IdentityWorksSM, which includes benefits like a free credit check.

EdFinancial is also encouraging its customers to educate themselves about identity fraud and to carefully review their account statements over the next 24 months for suspicious activity.

It's a good job they are throwing customers a bone. Even if no financial information was disclosed, the exposure of detailed personal information can still make consumers more vulnerable to phishing attacks and other types of fraud.

Cybercrime continues to be a serious problem for higher education and related sectors. In one particularly disastrous incident, Illinois-based private liberal arts college Lincoln College was allegedly forced to permanently shut its doors due to a ransomware attack.

Despite apparently surviving the Spanish flu of 1918, the Great Depression, and World War II , the college was said to be unable to bounce back after the attack “thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrolment projections”.

  • Interested in keeping your organization safe from cyberattacks? Checkout our guide to the best endpoint protection

Via BleepingComputer

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.