Apr 23, 2020
On April 21, 2020, news sources* revealed the Small Business Administration (SBA) notified 8,000 applicants of the Economic Injury Disaster Loan (EIDL) program of a data exposure on the application website. The exposure, which occurred briefly on March 25, may have permitted applicants to view Personally Identifiable Information (PII) of other applicants. Current reports reveal the disclosure included names, Social Security numbers, tax identification numbers, addresses, dates of birth, emails, phone numbers, marital and citizenship statuses, household sizes, incomes, financial and insurance information.
If you learn you have been impacted by the data exposure, the Federal Trade Commission has provided specific guidance with checklists on their website for Identity Theft. The actions described in their checklists are based on the type of data loss. Please refer to this website on how to protect yourself.
It is unfortunate to have a data exposure during an already stressful time, but it further demonstrates the continued need for cybersecurity programs. WVC Technologies is here to assist you in making sure your company is operating securely whether it be updating your remote working policies, implementing a security practice, or preparing a business continuity plan.
*CNBC was the first to report on the data exposure from the SBA. For a full report, please see this article.
Connect With Us.
Tiffany Pollard, CISA
Risk Services Practice Leader
Categories: Risk Services