Over 2.5 million borrowers who have taken out student loans with either the Oklahoma Student Loan Authority (OSLA) or Edfinancial had their personal information exposed in a data breach this summer.
Nelnet Servicing, a Nebraska-based technology services firm that both OSLA and Edfinancial utilize for their web portals, had its data breached. According to a letter sent by Nelnet Servicing, the company became aware of a data vulnerability on July 21. Nelnet Servicing took action and blocked the suspicious activity, fixed the vulnerability, and launched an investigation into the breach with a third party.
About a month later, on August 17, the investigation concluded that certain student loan account registration information was accessible by an unknown party beginning in June and ending on July 22. Information exposed in the data breach includes over 2.5 million borrowers’ names, addresses, email addresses, phone numbers, and Social Security numbers, according to a letter to impacted borrowers from OSLA and Edfinancial. The breach did not compromise borrowers’ financial information, however.
“The confidentiality, privacy, and security of our customers’ information is one of our highest priorities,” the letter reads. “We are notifying potentially impacted individuals, including you, so that we can provide you with services and resources to best protect yourself from any potential consequences should you feel it is appropriate to do so.”
OSLA and Edfinancial sent impacted borrowers a list of steps they can take to protect their personal information and offered free access to Experian's identity protection and credit reporting service IdentityWorksSM for two years.
“We encourage you to remain vigilant against incidents of identity theft and fraud over the next 24 months, by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors,” the letter reads. “Please also review the information contained in the enclosed ‘Steps You Can Take to Help Protect Your Personal Information.’”
Publication Date: 9/2/2022