A company that guarantees federal student loans said that personal data on about 3.3 million people nationwide has been stolen from its headquarters in Minnesota, said an AP report.
Educational Credit Management Corp. said the data included names, addresses, Social Security numbers and dates of birth of borrowers, but no financial or bank account information.
The data was on "portable media" that was stolen sometime last weekend, ECMC said in a statement. Company spokesman Paul Kelash wouldn't specify what was taken, citing the ongoing investigation, but said there were no indications of any misuse of the data, the report said.
The St. Paul-based nonprofit said it discovered the theft last Sunday and immediately contacted law enforcement, and made the theft public when it received permission from authorities. The Minnesota Bureau of Criminal Apprehension is leading the investigation, the report said.
ECMC said it has arranged with credit protection agency Experian to provide affected borrowers with free credit monitoring and protection services. Borrowers will be receiving letters from ECMC soon on how to sign up, gain access to fraud resolution representatives, and be provided with identity theft insurance coverage.
"We deeply regret that this incident occurred and the stress it has caused our borrowers and our partners and are doing everything we can to help protect our borrowers' identity and personal information," Richard Boyle, president and CEO of ECMC, said in the statement.
ECMC is a contractor for the U.S. Department of Education to provide collection and document management services. It guarantees student loans through the Federal Family Education Loan program, and provides support services for student loans that are in default or bankruptcy. The company can act as the guarantor, loan holder or loan servicer.
I want to hear from you. Tell me how we can improve.
This month in Security magazine, we highlight COVID-19 and enterprise security's response. How has the pandemic changed business continuity plans, and what lessons have been learned? Also this month, we profile Chris Hallenbeck, CISO at Tanium, his view on metrics and information security. In addition, security experts discuss video analytics, how to make AI work within your cyber strategy and more.