"Portable media with personally identifiable information" containing over 3.3 million people with student loans was stolen from Educational Credit Management Corporation's headquarters in St. Paul, Minnesota, over the weekend of 20/21 March, the Washington Post reported over the weekend.
In ECMC's announcement concerning the theft, "The stolen data contained information on approximately 3.3 million individuals and included names, addresses, dates of birth and social security numbers. No bank account or other financial account information was included in the data."
ECMC released the information concerning the theft after receiving approval from law enforcement authorities.
ECMC's management, per usual, also expressed their deep regrets for the incident.
According to the Washington Post story, Paul Kelash, a spokesman for ECMC stated that the theft was not hacking but instead called it "old-fashion theft."
Oh, that must make those 3.3 million people affected feel much better.
And, just how "old-fashion" is stealing three million records using portable media?
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.