A student loan services company has notified 16,500 borrowers that files containing personal data were released to a business that wasn't authorized to receive them.
Access Group Education Lending says in a letter to those affected that the data breach happened on March 23 when one of its vendors sent out files—including borrowers' names, driver's license numbers and Social Security numbers—to another business.
Access Group told borrowers it learned of the release on March 28 and it was assured that the vendor who received the files deleted them and didn't retain copies.
In a statement Friday, Access Group said that exposure of any personal information was limited. Those affected are being offered a free year of credit monitoring.
According to its website, Access Group stopped making student loans in 2010.
Explore further: Equifax says 100,000 Canadians' data hacked