SBA Security Incident May Affect Nearly 8,000 Businesses
Business owners who applied for federal disaster loans may have had information exposed to other applicants, the Small Business Administration reports.
The Small Business Administration (SBA) has confirmed that nearly 8,000 business owners who applied for an emergency loan may have viewed sensitive data belonging to other applicants.
This incident affects those who applied for the Economic Injury Disaster Loans (EIDL), an SBA program historically used to provide loans for small businesses recovering from wildfires, tornadoes, and other natural disasters. EIDL was expanded in March to assist organizations suffering financial hardship due to the economic effects of coronavirus. The program’s funds are separate from the Paycheck Protection Program, which was not affected in the incident.
On March 25, the SBA discovered personal information belonging to EIDL applicants may have been accidentally shared with others. If users tried to click the “back” button, they may have been able to see information that belonged to another business owner applicant.
“We immediately disabled the impacted portion of the website, addressed the issue, and relaunched the application portal,” a senior administration official told CNBC.
Data potentially exposed in the incident includes names, Social Security numbers, addresses, birth dates, email addresses, phone numbers, citizenship status, and insurance information, the Washington Post reports. The SBA has not disclosed how long the data may have been exposed or how the issue was found. There is so far no indication the exposed data has been misused.
Read more details here.
Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
More Insights
Read More HERE