Personal data exposed on student loan Web site

The Education Department and its Web site contractor say they will offer free credit monitoring as long as necessary to any of 21,000 student borrowers whose personal data was exposed on a student loan Web site in the past few days.

Education spokeswoman Jane Glickman said there was a 36-hour software malfunction at Affiliated Computer Services, a Dallas-based Fortune 500 company that manages the software that runs the site.

During that time some borrowers who were logging on to the site at the same time as others may have had “their personal data mixed up,” she said.

Names, Social Security numbers, birthdates and addresses could have been revealed to those who were signed on to the Federal Direct Student Loan Program site simultaneously.

Portions of the site were shut down Aug. 21 and the remainder Aug. 22, Glickman said. The loan site remains shut down, she added.

“We’re not putting any of the Web pages back online until we’re 100 percent satisfied that the problem is resolved and won’t happen again,” Glickman said.

There have been no reports of identity theft, she said. “As of yesterday we received a total of 26 calls from borrowers,” she added.

She said they would be told of the credit monitoring offer and any future developments.

Rep. Edward Markey (D-Mass.), co-chairman of the Congressional Privacy Caucus and a member of the House Homeland Security Committee, sent a letter today to Education Secretary Margaret Spellings stating, “The Department of Education cannot openly expose the financial information of student loan borrowers without promising significant efforts to protect those individuals from identity theft.”

The main Education Web site has not reported the incident.

Calls to Affiliated Computer Services were not returned.