Data breach may have exposed personal information of thousands of SBA emergency loan applicants

Nearly 8,000 applicants may have seen identifiable details of other applicants before the Small Business Administration fixed and relaunched the site.

The personal information of thousands of small businesses applying for federal disaster loans was potentially exposed to other applicants, marking the latest glitch in the rollout of government programs designed to help companies crippled by the coronavirus pandemic.

Nearly 8,000 applicants to the Economic Injury Disaster Loan program (EIDL) — a long-standing program run by the Small Business Administration (SBA) — may have been affected. In a statement, the SBA said that it “immediately disabled the impacted portion of the website, addressed the issue, and relaunched the application portal.”

The emergency relief program typically issues loans to small businesses recovering from tornadoes and wildfires. But last month, the SBA expanded the program to include those hit by the coronavirus’s unprecedented economic fallout. EIDL funds are separate from the Paycheck Protection Program, which the White House and congressional leaders have been scrambling to replenish after its first round of funding ran out.


continue reading »