Cyber crime continues to be very costly for organizations, and by now we all know that cyber criminals tend to take advantage especially during difficult times — case and point: The Small Business Administration (SBA) admitted last week that nearly 8,000 business owners that applied for a loan from them may have had their personal information exposed to other applicants.
The breach relates to the SBA program called Economic Injury Disaster Loans (EIDL) that has traditionally been used to aid business owners whose businesses have been disrupted by hurricanes, tornadoes or other disasters, recently expanded by Congress in the $2.2 trillion CARES Act. In addition to loans, the law authorized grants of up to $10,000 that don’t need to be paid back.
CNN reports that a letter sent to the disaster loan applicants, dated April 13, states that a breach was detected on March 25 — a section of the portal was disabled while a security issue was resolved. The breach impacts a vital program for small business owners, and it could harm small business owners who are already struggling during an incredible challenging time. While there is no evidence at this time that applicant data has been abused, the agency is offering everyone that could be affected, a year of free credit monitoring. Unfortunately, during the same week, researchers found that the SBA is also part of a large wave of phishing emails that are fraudulently using their name.
New applicants are not being accepted due to “available appropriation funding.”
These types of breaches and cybercrime are happening everywhere. In fact, the FBI says that cybercrime reports have quadrupled during the COVID-19 pandemic. Is your business prepared for a cyber threat? There’s no better time than right now to make sure your business is protected. We are here to help!