The Small Business Administration just told thousands of businesses applying for disaster loans that their personal information was mistakenly leaked

Small Business Administration

  • The Small Business Administration has told nearly 8,000 businesses that their personal information was exposed on its website, a representative confirmed to Business Insider.
  • The leak affected businesses that submitted Economic Injury Disaster Loan applications through the SBA’s website.
  • A bug in the site was mistakenly showing applicants’ personal information, including social security numbers and addresses, to other applicants who subsequently used the portal.
  • The SBA said that it addressed the issue and relaunched the portal and that affected businesses were offered one year of free credit monitoring.

A bug in a federal government website exposed the personal information of thousands of small-business owners applying for Economic Injury Disaster Loans last month.

A representative for the Small Business Administration confirmed the leak to Business Insider, saying that a total of 7,913 applicants’ information was potentially exposed.

Businesses have applied for disaster loans in large numbers as they feel the economic fallout of the coronavirus pandemic. Small-business owners in all 50 states are eligible for $10,000 advances on the loans as part of the COVID-19 relief package enacted last month.

“Personal identifiable information of a limited number of Economic Injury Disaster Loan applicants was potentially exposed to other applicants on SBA’s loan application site. We immediately disabled the impacted portion of the website, addressed the issue, and relaunched the application portal,” the SBA representative told Business Insider.

The SBA has notified applicants of the exposure, CNBC first reported on Tuesday. The data exposure affects only applicants for EIDL loans, not Paycheck Protection Program loans, the representative said

In early April, business owners told CBS News that when they tried to apply for the loans, they noticed other businesses’ information — including Social Security numbers, emails, phone numbers, and addresses — already filled in on the registration page. The SBA confirmed the leaks at the time.

The SBA has addressed the issue, relaunched the portal, and offered people who might have been affected one year of free credit monitoring, the representative said.

“If you liked the article, share it in ...”