Computer Security 3.3 Million Student Loan Data Stolen from Non-Profit...

3.3 Million Student Loan Data Stolen from Non-Profit Company ECMC

3 million student loan borrower records stolen from ecmcAbout 3.3 million student loan borrower's records were stolen from a nonprofit company during the week of March 20th.

This recent data breach incident was from the headquarters of ECMC (Educational Credit Management Corp.), a company known for services to student loans that enter bankruptcy. Included within the stolen data were student birth dates, names, social security numbers, address and even credit card numbers. With this type of information in the wrong hands, it could literally ruin the lives of hundreds to thousands of individuals.

If you remember, an attack on Heartland Payment Systems resulted in over 130 million credit card numbers being stolen making it the largest identity theft scheme to date. It just so happens that one of the persons responsible for this specific attack, Albert Gonzalez, was recently sentenced to 20 years in prison. In the ECMC attack, compromising 3.3 million student loan records, the culprits have yet to be identified. In both cases, credit monitoring services had to be offered to protect the victims after the fact.

Data theft or loss of information stored on servers can happen in different ways. Hackers usually seek out weak or vulnerable systems for an entry point. Sometimes these systems are laden with malware opening them up to outside or remote attackers. Usually an entry point may consist of one person's laptop; for example, an employee of the company that the hacker is looking to attack. The data breach happens in most cases remotely from another location other than the physical building housing the data. Lately, many companies, including financial institutions, have beefed up their security efforts to protect their data whether it be credit card numbers or social security numbers.

As you may guess, hackers are able to utilize stolen data in the form of credit card numbers, names, address and social security numbers for identity theft schemes to charge against someone's banking account for monetary gain. That is the ultimate goal of a hacker, to steal money. Gone are the days of physically robbing a bank in person with a gun. The weapon of choice is a computer and the ability to hack into a company's system to steal data.

Do you think companies do enough to keep data breaches from happening? Do you trust your personal information with your current financial institution?

Loading...