Federal loan Web site left unprotected

[Dissent <Dissent () pogowasright org>]

Complications from a computer software upgrade caused a security 
breach that left loan borrowers' private information, such as their 
Social Security numbers, unprotected online.

The problem occurred from the evening of Aug. 20 to the morning of 
Aug. 22 on the Web site of Direct Loans. Direct Loans is part of the 
William D. Ford Federal Direct Loan Program within the Dept. of 
Education and Federal Student Aid.

Anyone who used the Web site and performed the same transaction at 
the same time in the same part of the system as another user could 
have had his or her data exposed, Bushman said.

...  She estimated that 21,000 accounts of the more than six million 
on the system could have been affected. All those potentially 
affected already would have been notified, she said.

[...]

http://www.press-citizen.com/apps/pbcs.dll/article?AID=/20060917/NEWS01/609170310/1079/NEWS01


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.405 / Virus Database: 268.12.4/449 - Release Date: 9/15/2006


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss
Tracking more than 146 million compromised records in 349 incidents over 6 years.