2.5M Records Were Exposed in a Data Breach Targeting Those With Student Loans (Dustball)

Nelnet Servicing suffered a data breach involving two of its clients, the Oklahoma Student Loan Authority (OSLA) and EdFinancial. Nelnet Servicing is a Lincoln, Neb.-based servicing system and web portal provider that provides services to both OSLA and EdFinancial. Nelnet notified those affected by the data breach via a letter in July 2022.

Nelnet's general counsel, Bill Munn, filed a breach disclosure with the state of Maine stating that the breach had occurred sometime between June 1, 2022, and July 22, 2022. Despite this wide date range in the official filing, the letter sent to affected customers pinpoints the date of the data breach as July 21st, 2022.

Over 2.5 million records were breached in the attack. The data breach did not expose the majority of the financial data of the individuals affected, but the data that was exposed could cause problems down the line. The information that was breached could be used later on in social engineering or phishing attacks.

After the recent news of student loan forgiveness, the attackers may attempt to use the information exposed in this data breach to phish for much more sensitive information. The data from this breach could be used in the future in email phishing campaigns that exploit trust in the names of OSLA or EdFinancial.

It is currently unclear which vulnerability was exploited in the attack against Nelnet, but the company says it knows the nature of the vulnerability and how the attackers gained access to this data. Nelnet is working with third-party digital forensics experts to determine the nature and scope of this attack.

Nelnet Servicing is offering remediation to those affected in the form of two years of free credit monitoring, credit reports, and up to $1 million in identity theft insurance.