DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Two Sentenced for Accessing President’s Student Loan Records

Posted on September 28, 2010 by Dissent

On August 25, 2010, Mercedes Costoyas, a.k.a., Mercedes Costoyas-Perret, 53, of Iowa City, IA, and John P. Phommivong, 30, of North Liberty, IA, were each sentenced to one year probation for exceeding authorized computer access. The sentencing was announced on September 25 by United States Attorney Nicholas A. Klinefeldt.

United States District Judge James E. Gritzner also ordered each defendant to pay $25 to the Crime Victim’s Fund. Both defendants, former Department of Education (DOE) contract employees, had been charged with accessing without authorization the student loan records of President Barack Obama. In the Phommivong case, the offense occurred when President Obama was a candidate for the Presidency. In the Costoyas case, the offense occurred after President Obama took office.

The activities of Costoyas and Phommivong came to light when the United States Department of Education, Office of Inspector General (DOE-OIG) began an investigation to determine if its employees, or those of its contractors, had inappropriately accessed the student loan information of certain celebrities or well-known political and sports figures.

A number of leads came back to Vangent Corporation in Coralville, Iowa. Vangent, a DOE contractor, assists with student loan inquiries via their call center and engages in debt collection. Vangent employees utilize the National Student Loan Data System (NSLDS) database, which is maintained by DOE pursuant to the 1992 Higher Education Act, in the performance of their duties. This database contains the private information of borrowers, including that of President Barack Obama.

As a result of the investigation, nine former employees of Vangent were charged with exceeding authorized computer access. All nine accessed President Obama’s student loan information either while he was a candidate for the presidency, President-Elect or President of the United States. Eight of the nine pled guilty. Another defendant, Sandra Teague, went to trial in August and was found guilty.

This investigation was conducted by the United States Department of Education, Office of Inspector General.

Source: U.S. Attorney’s Office, Southern District of Iowa

Category: Breach IncidentsEducation SectorGovernment SectorOf NoteSubcontractorU.S.Unauthorized Access

Post navigation

← (follow-up) Three black market travel agents plead guilty
Security problems reported by ATBHost.net →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • AT&T gets preliminary approval for $177 million data breach settlement
  • Aflac notifies SEC of breach suspected to be work of Scattered Spider
  • Former JBLM soldier pleads guilty to attempting to share military secrets with China
  • No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news
  • Tonga’s health system hit by cyberattack (1)
  • Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
  • Proposed class action settlement in In re Netgain Technology litigation
  • Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay
  • Ireland’s Data Protection Commission publishes 2024 Annual Report
  • The headlines suggested Freedman Healthcare suffered a ransomware attack that affected patient data. The reality was quite different.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data
  • US Judge Invalidates Biden Rule Protecting Privacy for Abortions
  • DOJ’s Data Security Program: Key Compliance Considerations for Impacted Entities
  • 23andMe fined £2.31 million for failing to protect UK users’ genetic data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.