Best Top Reviews Online

A Student Loan Breach Has Exposed 2.5 Million Records

In a breach that could lead to further problems, 2.5 million people were affected.

Over 2.5 million loanees have been notified by EdFinancial and the Oklahoma Student Loan Authority (OSLA) that their personal information was compromised in a data breach.

According to a breach disclosure letter, the target of the breach was Nelnet Servicing, a Lincoln, Nebraska-based servicing system and web portal provider for OSLA and EdFinancial.

Nelnet notified affected loan recipients of the breach via letter on July 21, 2022.

“[Our] cybersecurity team took immediate action to secure the information system, block the suspicious activity, resolve the issue, and launch[sic] an investigation with third-party forensic experts to determine the nature and scope of the activity,” the letter states.

By the 17th of August, the investigation had determined that personal user information had been accessed by an unauthorized party. Names, home addresses, email addresses, phone numbers, and social security numbers for a total of 2,501,324 student loan account holders were exposed. The financial information of users was not disclosed.

According to a breach disclosure filing submitted to the state of Maine by Nelnet’s general counsel, Bill Munn, the breach occurred between June 1, 2022, and July 22, 2022. A letter sent to affected customers, however, dates the breach to July 21. On August 17, 2022, the breach was discovered.

“On July 21, 2022, Nelnet Servicing, LLC (Nelnet), our servicing system, and our customer website will be decommissioned.”

“Our portal provider notified us that they had discovered a vulnerability that we believe contributed to this incident,” according to Nelnet.

It’s not clear what the flaw was.

“On August 17, 2022, this investigation determined that certain student loan account registration information was accessible by an unknown party from June 2022 to July 22, 2022,” according to the letter.

Loan Recipient Targets

Although users’ most sensitive financial information was protected, the personal information obtained in the Nelnet breach “has the potential to be leveraged in future social engineering and phishing campaigns,” according to Melissa Bischoping, endpoint security research specialist at Tanium, in an email statement.

“With the recent news of student loan forgiveness, it’s reasonable to expect scammers to take advantage of the opportunity,” Bischoping said.

The Biden administration announced last week a plan to forgive $10,000 in student loan debt for low- and middle-income borrowers. She claims that the loan forgiveness program will be used to entice victims to open phishing emails.

She warns that recently compromised data will be used to impersonate affected brands in wave after wave of phishing campaigns aimed at students and recent college graduates.

“They can be particularly deceptive because they can leverage trust from existing business relationships,” she wrote.

According to the breach disclosure, Nelnet Servicing’s cybersecurity team “took immediate action to secure the information system, block the suspicious activity, fix the issue, and launch an investigation with third-party forensic experts to determine the nature and scope of the activity.”

In addition, two years of free credit monitoring, credit reports, and up to $1 million in identity theft insurance were included in the remediation.

Why Trust Us?

Best Top Reviews Online was established in 2018 to provide our readers with detailed, truthful, and impartial advice on what to buy. We now have millions of monthly users from all over the world and annually evaluate over a thousand products.

The above article was written by the BestTopReviewsOnline team, which consists of some of the most knowledgeable technical experts in the United States. Our team consists of highly regarded writers with vast experience in smartphones, computer components, technology apps, security, and photography, among other fields.

Related Stories

  • All Post
  • Best Picks
  • Explainers
  • How To
  • News
  • Versus

Get more info



Best Products

Buying Guides

Contact Us

About Us

We provide a platform for our customers to rate and review services and products, as well as the stores that sell them. We research and compare the most popular brands and models before narrowing it down to the top ten, providing you with the most comprehensive and reliable buying advice to help you make your decision.

Disclaimer is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to As an Amazon Associate I earn from qualifying purchases.


Address & Map

20 S Santa Cruz Ave, Suite 300, Los Gatos, CA 95030, United States

© 2022 Pty. Ltd. All Rights Reserved. Licensing: All third-party trademarks, images, and copyrights used on this page are for comparative advertising, criticism, or review. As this is a public forum where users can express their opinions on specific products and businesses, the opinions expressed do not reflect those of