DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Access Group notifies borrowers of data security incident

Posted on April 25, 2018 by Dissent

It’s not just edtech vendors students need to watch out for when it comes to privacy and data security.  Vendors that help process student loans may also put you at risk, as this notification from AccessLex Institute  (dba Access Group) reminds us.  The nonprofit organization, which provides financial education resources and services, writes:

Dear [Name]:

[Date]

Notice of Data Breach

We are writing to inform you of an incident that may have affected your personal information. We take the privacy andsecurity of our borrowers’ information very seriously and are writing to provide details regarding the incident and information about steps you may take to help protect yourself.

What Happened:

On March 28, 2018 we learned that on March 23, 2018 a vendor we use to help provide student loan processing services inadvertently sent a copy of certain loan files, including your file, to another business that was not authorized to receive them. Shortly after we learned of the inadvertent file transfer, we contacted managers of the second business that received the files. The second business confirmed it had deleted the transferred files and agreed that the appropriate manager would sign a sworn statement confirming it had deleted the files and retained no copies.

What Information Was Involved:

The information involved included your name, driver’s license number, and Social Security number.

What We Are Doing:

We are committed to protecting your information and regret any concern this incident causes you. To try to prevent a similar incident from happening in the future, AccessLex Institute d/b/a Access Group will continue to communicate to its vendors that they must have written data transfer protocols in place and must train their employees to verify the identity of planned recipients of data transfers before the vendors transfer data.

What You Can Do:

We are committed to protecting your information and regret any concern this incident causes you. We encourage you to remain vigilant by reviewing your financial account statements for any unauthorized activity. You should also review the additional information on the following pages regarding ways to protect yourself. In an abundance of caution, we have arranged for you to receive a complimentary one-year membership of Experian’s® IdentityWorksSM Credit 3B. This product helps detect possible misuse of your personal information and provides you with identity protection services focused on immediate identification and resolution of identity theft. IdentityWorks Credit 3B is completely free to you and enrolling in this program will not hurt your credit score. For more information on identity theft prevention and IdentityWorks Credit 3B, including instructions on how to activate your complimentary one-year membership, please see the additional information provided in this letter.

For More Information:
If you have questions about this incident, you may call [insert call center phone number], Monday through Friday, from[insert times].

Sincerely,

Charles Albano EVP and COO

Category: Breach IncidentsBusiness SectorExposureSubcontractorU.S.

Post navigation

← Altaba, Formerly Known as Yahoo!, Charged With Failing to Disclose Massive Cybersecurity Breach; Agrees To Pay $35 Million
Hackers built a ‘master key’ for millions of hotel rooms →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Lower Merion School District says a data breach was caused by a computer glitch
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.