Description
On July 21, 2022, Nelnet, a vendor for the Oklahoma Student Loan Authority, identified that a website they maintained contained a vulnerability that resulted in certain student loan account registration information being accessible by a third party. This access is believed to have begun in June 2022 and continued until July 22, 2022.
As soon as the vendor became aware of the issue, they informed the Oklahoma Student Loan Authority that its cybersecurity team took immediate action to secure the information system, block the suspicious activity, fix the vulnerability and launch an investigation with third-party forensic experts to determine the nature and scope of the activity, and informed the federal Department of Education who in turn notified law enforcement. Credit monitoring and identity theft protection services will be available to affected borrowers for 24 months.
| agency | incident date | Type of Data |
No. of Records |
MOre information |
| Oklahoma Student Loan Authority | June 2022 | Personally Identifiable Information (PII) | 1,477 | Those affected have had a notification letter sent to them. Affected borrowers may call the dedicated assistance line at (833) 559-0246, Monday through Friday, from 6 a.m. to 8 p.m. PST; Saturday and Sunday, from 8 a.m. to 5 p.m. PST (excluding major US holidays). |
