Education Department Computer Glitch Exposes Student Financial Records

A technical malfunction on the United States Department of Education's Direct Loan Web site made the financial records of as many as 5,000 borrowers temporarily available for public view earlier this month, a senior department member revealed Tuesday at a hearing before the House Subcommittee on Higher Education and Workforce Training.

James Runcie, chief operating officer of the ED's Office of Federal Student Aid, said that the glitch occurred during a reconfiguration involving 11.5 million borrowers. For six to seven minutes, users logging into the compromised system were able to view the financial details of other borrowers. The reconfiguration was intended to improve lagging Web site performance.

The department quickly became aware of the glitch, Runcie said, and took immediate steps to correct the problem, including shutting down the site and contacting students who may have been affected. Education Department spokesperson Justin Hamilton said he's confident that the momentary breach had no serious impact on borrowers.

"We've reached out by phone and e-mail to the borrowers who were directly impacted and offered them free credit monitoring, support, and the opportunity to ask questions about what happened," Hamilton said in a statement released after the hearing, adding that there was "no reason to believe that any of the information has been misused."

The purpose of the congressional hearing was to review the Education Department's transition to the new federal Direct Loan program and address concerns about the process, said subcommittee chairwoman Rep. Virginia Foxx, R-NC, in her opening remarks. Among the concerns discussed were the decline in customer service and increase in problems and mistakes, including the recent security failure on the Direct Loan Web site.

"The implications of this kind of Web site malfunction are severe, particularly when it affects millions of borrowers nationwide," Foxx said.

Runcie said he believes the overall transition has been successful, despite the glitch and reiterated his department's commitment to creating a secure system infrastructure.

"In terms of overall security architecture, that's something we are very concerned about, and investing meaningful sums of money," Runcie told the subcommittee members. "But when you have this scale of a system in transition sometimes glitches occur."

About the Author

Kanoe Namahoe is online editor for 1105 Media's Education Group. She can be reached at [email protected].

Featured

  • open laptop in a college classroom with holographic AI icons like a brain and data charts rising from the screen

    4 Ways Universities Are Using Google AI Tools for Learning and Administration

    In a recent blog post, Google shared an array of education customer stories, showcasing ways institutions are using AI tools like Gemini and NotebookLM to transform both learning and administrative tasks.

  • illustration of a human head with a glowing neural network in the brain, connected to tech icons on a cool blue-gray background

    Meta Launches Stand-Alone AI App

    Meta Platforms has introduced a stand-alone artificial intelligence app built on its proprietary Llama 4 model, intensifying the competitive race in generative AI alongside OpenAI, Google, Anthropic, and xAI.

  • three main icons—a cloud, a user profile, and a padlock—connected by circuit lines on a blue abstract background

    Report: Identity Has Become a Critical Security Perimeter for Cloud Services

    A new threat landscape report points to new cloud vulnerabilities. According to the 2025 Global Threat Landscape Report from Fortinet, while misconfigured cloud storage buckets were once a prime vector for cybersecurity exploits, other cloud missteps are gaining focus.

  • Stylized illustration showing cybersecurity elements like shields, padlocks, and secure cloud icons on a neutral, minimalist digital background

    Microsoft Announces Security Advancements

    Microsoft has announced major security advancements across its product portfolio and practices. The work is part of its Secure Future Initiative (SFI), a multiyear cybersecurity transformation the company calls the largest engineering project in company history.