A data breach in the Small Business Association (SBA) loan application portal may have exposed the personal information of thousands of businesses last month as they submitted emergency loan applications during the COVID-19 pandemic, according to the Washington Post. The SBA has seen a large influx of applications from struggling businesses seeking emergency loans due to the coronavirus outbreak.
According to Business Insider, the data breach was caused by a glitch in the SBA website that allowed loan applicants to view the data of other applicants. The exposed personally identifiable information may have included names; addresses; email addresses; phone numbers; Social Security numbers; income; birth dates; citizenship and insurance information.
The personal information of 7,913 business owners may have been affected. The glitch was discovered in late March, but it is unclear how long the personal information of applicants was exposed. The SBA deactivated the affected area of the website, fixed the issue and relaunched the application portal.
Affected businesses have been notified by the SBA. This glitch marks another headache for federal and local systems that are overwhelmed by applications from businesses and individuals seeking economic relief during the coronavirus pandemic.
The data breach also comes after small businesses are seeing an increase in scam attempts as business owners seek financial assistance during the COVID-19 pandemic.