Nelnet servicing breach exposes data of over 2.5 million students with loan accounts

Data on more than 2,501,324 people with student loan accounts were leaked after attackers broke into the systems of technology service provider Nelnet Servicing.

Individuals with student loans from the Oklahoma Student Loan Authority (OSLA) and EdFinancial were affected because Nelnet Servicing provided them with the web portal that gives students who take out a loan access to their loan accounts.

The attackers gained access to Nelnet Servicing systems and stayed on until July 22. Although Nelnet claims to have blocked the cyberattack once the breach was discovered, investigations show that certain student loan account registration information may have been compromised.

Exposed information includes full name, physical address, email address, phone number and social security number.

Nelnet Servicing made it clear in the notification letter to the parties concerned that no financial account number or any form of payment information was exposed during the security incident.

EdFinancial and OSLA offer impacted individuals free access to a 24-month identity theft protection service through Experian with instructions on how to enroll attached in the letters.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web