Connect with us

Hi, what are you looking for?

Cyber Security

Nelnet Servicing breach exposes data of 2.5M student loan accounts

Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority (OSLA) and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing.

Technology services from Nelnet Servicing, including a web portal, are used by OSLA and EdFinancial to give online access students taking out a loan access to their loan accounts.

Sometime in June, unidentified intruders compromised Nelnet Servicing and stayed on  its systems until July 22. The hackers compromised the company’s network likely after exploiting a vulnerability.

About 2,501,324 individuals have been impacted by  the breach.

sample notification letter to impacted parties sent to the Office of the Maine Attorney General as part of the data breach disclosure process, Nelnet Servicing has informed OSLA and EdFinancial, who are notifying their customers.

Although Nelnet states it blocked the cyberattack as soon as the breach was detected, a subsequent investigation that was completed on August 17, 2022, determined that certain student loan account registration information might have been accessed.

The exposed information includes the following:

  • Full name
  • Physical address
  • Email address
  • Phone number
  • Social Security Number

The letters clarify that no financial account numbers or any form of payment information were exposed due to the security incident.

EdFinancial also underlines that not all its clients are hosted by Nelnet Servicing, so not all students that took a loan through them are impacted by the data breach.

Threat actors with access to the aforementioned information may engage in phishing attacks, social engineering, impersonation, and various scamming schemes. As the topic of loans is particularly sensitive, the risk of exposure is amplified.

Due to the seriousness of this data breach incident, law firm “Markovits, Stock & DeMarco” yesterday launched an investigation on the potential of a class action lawsuit.

Both EdFinancial and OSLA offer impacted individuals free access to a 24-month identity theft protection service through Experian, with instructions on how to enroll enclosed in the letters.

“We encourage you to remain vigilant against incidents of identity theft and fraud over the next 24 months, by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors,” reads to notice sent to affected borrowers.

It is recommended that recipients of the notices take immediate action to protect themselves from fraud by enrolling in Experian’s IdentityWorks service and remaining vigilant against all incoming communication.

Monitoring bank account statements and requesting a credit report is also advisable. Finally, placing a credit freeze should be considered for high-risk cases. Instructions on how to do that are included in the distributed notices.

Source: https://www.bleepingcomputer.com/news/security/nelnet-servicing-breach-exposes-data-of-25m-student-loan-accounts/

Advertisement. Scroll to continue reading.
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The cyberattack that ultimately led to the breach of several U.S. officials’ email accounts was the result of a China-based threat actor accessing a...

Cyber Security

The well-known watch manufacturing company Seiko disclosed the data breach notification recently on Aug 2023, targeted by the notorious threat group BlackCat/ALPHV. BlackCat/ALPHV Group has been...

Cyber Security

Privileged users typically hold crucial positions within organizations. They usually have elevated access, authority, and permission levels in the organization’s IT systems, networks, applications,...

Cyber Security

The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO