D.C. Data Breach Affects Thousands of Financial-Aid Applicants

An employee of the Washington, D.C., agency that processes college financial-aid requests inadvertently e-mailed personal information — including Social Security numbers and home addresses — to about 1,250 applicants, The Washington Post reported today.

At the center of this breach was the “DC OneApp,” an online application through which Washington students apply for grants. The disclosure happened when an employee of the district’s Office of the State Superintendent of Education accidentally attached a spreadsheet to an e-mail message that went to 1,250 applicants to one of the grant programs, the DC Tuition Assistance Grant Program.

Those students received a wealth of personal information for about 2,400 student applicants, including names, dates of birth, telephone and Social Security numbers, and e-mail and home addresses. The office did not publicly announce the breach, but did notify those whose personal information was exposed and, to keep watch against identity theft, offered them subscriptions to a credit-monitoring service. The Post reported on the incident after a parent forwarded the newspaper an e-mail message from the office.

Some parents were livid about the breach, the Post reported. But breaches involving personal information are not uncommon in higher education.—Marc Parry

Return to Top