Student Loans Company Red Faced Over Mass Email Blunder

The Student Loans Company (SLC) has apologised for mistakenly sending the email addresses of thousands of students to the wrong recipients.

The body said the addresses were included in an email sent to “other customers,” but the SLC could not go into any more details about who those customers were.

The snafu was the result of an administrative error, but no other personal student data was share, the SLC said.

Personal data safe?

“We have contacted all customers affected to let them know about this issue,” the SLC said. “The integrity and security of student accounts and the protection of personal information is vital to us and we apologise to all of the students involved.”

According to the Daily Telegraph, around 8,000 students were affected by the breach.

The SLC is responsible for handing out student grants, delivering means-tested awards via its Student Finance England subsidiary.

The Information Commissioner’s Office said it was looking into the matter. “We have recently been made aware of a possible data breach which appears to involved the Student Loans Company,” a spokesperson told TWE. “We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken.”

However, as the data is unlikely to be deemed particularly sensitive, or cause harm to individuals, it is unlikely the ICO will punish the SLC. No email correspondence was leaked and it appears no important personal data went amiss.

If passwords were leaked, the situation would be much more serious. Last month, YouPorn users were in a panic after a related service used by the porn site’s members was hacked. Passwords to that service were exposed and users were advised to change their login details for all sites they accessed using the stolen credentials.

How well do you know IT security? Test yourself with our quiz.