After several years of reported abuse, the Bush administration has rescinded lender access to a federal database containing sensitive financial information on about 60 million college students.
The temporary move bars college loan firms from accessing the government-run database over concerns of data mining and invasions of privacy.
Lenders and guarantee agencies often use the database to help determine the eligibility of an applicant for federal student aid.
The move was precipitated by a letter from Sen. Edward Kennedy, D-Mass., chairman of the Senate Health, Education, Labor and Pensions Committee. He is urging the Secretary of Education to shut down the database following reports of lenders breaching the database.
“The privacy of every borrower must be a top priority for the department. Until the security of the database can be ensured, I urge you to block the use of the database by private lenders,” Kennedy wrote in the letter.
The suspension of access was effective immediately and applied to lenders, loan holders and guaranty agencies, Education Secretary Margaret Spellings said.
“We will conduct a review of the specific uses of [the database] by these entities to determine if there has been unauthorized usage,” Spellings said in an open letter to Kennedy.
The information in the database contains students’ Social Security numbers, e-mail addresses, phone numbers, birth dates and financial information covered by federal privacy laws.
Over the past few years, there has been an uptick in incidents of information breaches in both the private and government sectors.
According to Secretary Spellings, the department has revoked 246 database access permits “due to suspicious activity” from users within the student loan industry.
Universities seem to be especially fertile ground for exploitation, Rob Ayoub, an industry manager of network security at Frost & Sullivan, told the E-Commerce Times.
About 98,000 students and former students had their information compromised at the University of California, Berkeley alumni system, as well as major breaches at Harvard University and Boston College.
“The number of companies and organizations reporting breaches and personal information exposure is definitely on the rise,” said Ayoub, “and now everyone is taking notice.”