Slashdot Mirror

← Back to Stories (view on slashdot.org)

Student Financial Aid Database Being Misused

Posted by kdawson on from the six-solicitations-per-day dept.

pin_gween writes "The Washington Post reports on the probable abuse of the National Student Loan Data System. The database was created in 1993 to help determine which students are eligible for financial aid. Students' Social Security numbers, e-mail addresses, phone numbers, birth dates, and loan balances are in the database. It contains 60 million student records and is covered by federal privacy laws. Advocates worry that businesses are trolling for marketing data they can use to bombard students with mass mailings or other solicitations. The department has spent over $650,000 in the past four years protecting the data. However, some senior education officials are advocating a temporary shutdown of access to the database until tighter security measures can be put in place."

5 of 182 comments (clear)

  1. Duh... by dal20402 · · Score: 5, Funny

    O rly?

    I would never have guessed that these guys had anything to do with the 2-3 student loan consolidation offers I get per day...

    I'm sure my future, not just this article, is

    from the six-soliciations-per-day dept.
  2. it's about time, but we should do more by User+956 · · Score: 5, Informative

    The Washington Post reports on the probable abuse of the National Student Loan Data System.

    Well color me surprised. Or not. Anyone in the financial services industry is well aware that students are prime targets for all sorts of jacked-up offers. That data needs protecting, but the whole credit system in this country needs a major overhaul.

    --
    The theory of relativity doesn't work right in Arkansas.
  3. My stragegy for stopping the junk mail... by jasmak · · Score: 5, Interesting
    I am still in college, and currently me and everyone I kno all get tons and tons of letters for consolidations and credit cards. What I think should happens is that everyone should band together against these junkmailing companies to end it(or at least take a shot at the man). Here is how it works:

    1) Open junk mail

    2) Remove return envelope

    3) Fold up the rest of the contents as they arrived and stuff them in the envelope

    4) Send it back to them

    I figure if enough people do this, it can begin to make a dent by doubling how much they pay for each mailing(how many people actually sign up with junkmail anyhow) or at least maybe they will take me off their list(doubtful) but in the worst case... I am giving them they exact pain the inflict on me by having to open worthless mail.

    --
    It is the mark of an educated mind to be able to entertain a thought without accepting it.
  4. Re:Hacked? by epee1221 · · Score: 5, Interesting
    Exactly. There is no breaking-in going on. TFA says the problem is that lenders are mining in ways that aren't allowed by federal regulations. This leaves a few questions:
    • Why does the database system fulfill illegal search requests?
    • Do those who have been searching illegally still have access? If so, why?
    • What punishment exists for violating the regulations on what searches are allowed?
    • How much of the data stored on each student do these lenders actually have legitimate reason to know?
    • What hoops does a lender have to jump through to get access to the database?
    --
    "The use-mention distinction" is not "enforced here."
  5. Not that simple by Moraelin · · Score: 5, Interesting

    I don't give a shit anyway , if it's only going to be email messages. In the worst case they would call ? .. Just hang up.


    It's not that simple. If the database contained only email addresses and telephone numbers, ok, noone would give too much of a shit.

    Unfortunately, by the sound of it, it contains enough data for identity theft. Especially since in America a bunch of idiots decided that the SSN is usable as unique ID and/or password for everything, so anyone who knows yours already won half the battle to impersonate you. Plus the always useful (especially to a crook) information of how elligible for a loan everyone there is.

    So here's a simple scenario: a crook looks through that database, finds a list of kids with upper middle class parents (you don't want to go for billionaire sons, because that might raise suspicions), also finds all the information needed to impersonate any of them to a bank, and takes a hefty "student loan" in the name of each. Just hefty enough to be worth the heist, but not quite close to the limit to raise too much suspicion and verifications. Crook buggers off with the money, and the parents are left to prove that it wasn't their offspring who took the loan. (After a round of inquisition to determine if it really was the son who blew the money on hookers, booze and dope.)
    --
    A polar bear is a cartesian bear after a coordinate transform.