Education data at risk again

The Education Department is a victim of data exposure for the second time in less than a month.

DTI Associates, a professional services contractor based in Arlington, Va., acknowledged that two laptop computers were stolen Aug. 11 from its Washington, D.C., office on K Street.

The laptops contained information on 43 reviewers who were assessing grant applications for Education’s Teacher Incentive Fund, said Bruce Rankin, vice president of DTI.

The only personal data that may have been in the laptops were the educators’ Social Security numbers, used for payroll identification purposes, he said. “We were not working with this data,” he added. “It was part of the process of selecting readers’ unique identifiers. We have no other personal data from these folks.”

Rankin said he spoke to 41 of the readers and corresponded by e-mail with the other two, informing them of the possible theft of their Social Security number. He also met with 24 of them in Washington, D.C., and gave them identity theft protection information from the Federal Trade Commission.

DTI is providing the 43 readers with one year of free credit monitoring from Equifax, which includes notifying them of any credit history queries and compensation for any ID theft, whether or not it is directly related to the incident, Rankin said.

The Washington, D.C., Metropolitan Police Department has a video surveillance tape that appears to show the person who stole the units, he added.

He said Education’s response has been measured. Department officials appreciated the fact that DTI notified them immediately, Rankin added. “We’ve stayed in pretty close contact, sharing the information, the police reports as well as our contact with the readers,” he added.

Education officials said last week that a student loan page on the department’s Web site malfunctioned for 36 hours Aug. 19-21.

During that time about 21,000 borrowers who had logged on to the page may have inadvertently exposed their personal data, including phone numbers, addresses and Social Security numbers, to others on the site.

The site was closed for several days while the department’s contractor, Affiliated Computer Services, a Dallas-based Fortune 500 company, installed new and more secure software.