Student Financial Aid Database Being Misused 182
pin_gween writes "The Washington Post reports on the probable abuse of the National Student Loan Data System. The database was created in 1993 to help determine which students are eligible for financial aid. Students' Social Security numbers, e-mail addresses, phone numbers, birth dates, and loan balances are in the database. It contains 60 million student records and is covered by federal privacy laws. Advocates worry that businesses are trolling for marketing data they can use to bombard students with mass mailings or other solicitations. The department has spent over $650,000 in the past four years protecting the data. However, some senior education officials are advocating a temporary shutdown of access to the database until tighter security measures can be put in place."
All databases eventually get hacked (Score:4, Interesting)
Re:All databases eventually get hacked (Score:2, Interesting)
it almost doesn't matter (Score:4, Interesting)
My stragegy for stopping the junk mail... (Score:5, Interesting)
1) Open junk mail
2) Remove return envelope
3) Fold up the rest of the contents as they arrived and stuff them in the envelope
4) Send it back to them
I figure if enough people do this, it can begin to make a dent by doubling how much they pay for each mailing(how many people actually sign up with junkmail anyhow) or at least maybe they will take me off their list(doubtful) but in the worst case... I am giving them they exact pain the inflict on me by having to open worthless mail.
Re:Duh... (Score:4, Interesting)
I swear, every week I get some sort of consolidation spam vaguely disguised as a threatening pink or yellow bill.
Re:Financial aid is effing broken anyway (Score:1, Interesting)
What's the solution? (Score:4, Interesting)
A good example of how a good idea can go wrong is Digg. It addresses one of the sore spots about Slashdot: the ability for anyone to submit news, and immediately have it viewable by others. It also opens up the comment moderation system to everyone. It's the Digg comment moderation I'd like to consider for the moment.
What we often find is that people in the know get their posts voted down, especially if they say something unpopular (even if completely factual). An example of this is noted Slashdot poster John Randolph, who goes by the handle jcr. He often speaks his mind, and that gets some people at Digg all riled up. So they moderate down his comments. This is especially true in his posts dealing with Apple, where John says it as it is. After all, John worked at Apple for a long time. He knows how things are done there. But that's not good enough for many of the morons at Digg. They bury what are perhaps the most informative, insightful and interesting comments. It's a perfect example of how a system that tries to fix Slashdot ends up being far worse in most cases.
I could see the same thing happening with proposed solutions to these data protection problems. If it's a legislation-based approach, the law will end up making database server administration far more difficult and time-consuming. A market-based approach will no doubt have even more problems.
Re:Hacked? (Score:5, Interesting)
Re:The number of credit card offers... (Score:5, Interesting)
The particularly obnoxious thing is not getting credit card offers... no... your student i.d. IS a credit card! It's a mastercard. You have to go online to activate it and when you do, you have the option (if you check the box every time it pops up) to NOT have a credit account attached to it.
In my mind this is even more insidious than the 5 credit card booths between the registrar's office and financial aid, and the pile of credit card apps in your bookstore bag.
There's no way to avoid getting the card and you have to work to not make it a credit card.
Re:But you can surprise them (Score:4, Interesting)
First, Ask them who they represent. Once they answer with the company they are working for tell them to take you off their list and any other lists they have associated with it and to make sure you don't end back up on the list again. Then tell them your not interested in the of offer and repeat the take me off the list thing again.
It is important to tell the to take you off the list first because sometimes they will hang up before you can say it after you told them you weren't interested.
I have heard that if they keep calling you after you told them to take you off the list, you can get something like $500 a pop for each time they call you after. I'm not sure about that specifically but I think the key that really makes this work is that they know you won't buy what they are selling and since you have shown that it angers you to be bothered by them, they move onto someone that will give them a commission or a sale. And trust me, This works quite well in stopping the phone calls. But you have to be specific and keep a record of who is calling. And when you tell them to take you off the list, Don't yell or scream, just speak like you are the principle at a grade school telling a third grader something they did was really bad.
Not that simple (Score:5, Interesting)
It's not that simple. If the database contained only email addresses and telephone numbers, ok, noone would give too much of a shit.
Unfortunately, by the sound of it, it contains enough data for identity theft. Especially since in America a bunch of idiots decided that the SSN is usable as unique ID and/or password for everything, so anyone who knows yours already won half the battle to impersonate you. Plus the always useful (especially to a crook) information of how elligible for a loan everyone there is.
So here's a simple scenario: a crook looks through that database, finds a list of kids with upper middle class parents (you don't want to go for billionaire sons, because that might raise suspicions), also finds all the information needed to impersonate any of them to a bank, and takes a hefty "student loan" in the name of each. Just hefty enough to be worth the heist, but not quite close to the limit to raise too much suspicion and verifications. Crook buggers off with the money, and the parents are left to prove that it wasn't their offspring who took the loan. (After a round of inquisition to determine if it really was the son who blew the money on hookers, booze and dope.)
Re:My stragegy for stopping the junk mail... (Score:2, Interesting)
Email on the other hand...
Re:Todays mail (Score:2, Interesting)
The best thing is, you really don't get junk mail from credit card companies or anything like that. If you do, just stick a note on your mail box stating "No advertisements" and the postal office will stop delivering them to you(required by law I believe). Though if they name you as a recipient they'll deliver even ads, but it seems to be quite rare. I've had the "No ads" note up for 3 years and it's a bad month if I get even one advertisement in mail.
Re:My stragegy for stopping the junk mail... (Score:3, Interesting)
I'm interested if anyone here has tried this and if it works.
Alternatively does anyone know how to stop the weekly circulars that I get every Thursday? I've had my mail shut off because I was out of town for a few weeks and my (apartment) mailbox became stuffed with these circulars and they thought I moved. I'm tired of throwing these away every week. I asked the mailman once and he said they "had" to deliver them. How much are these companies paying the USPS to get this junk put into my mail? I was considering wrapping them up some week, stamping them RTS and tossing them in the post office bin.
This happened to me today (Score:2, Interesting)