The Education Department manages more than a trillion dollars in outstanding student loans, making the agency essentially the size of Citibank and an attractive target for hackers.
Like many federal agencies, the department is struggling to shore up network defenses.
Government watchdogs at a Tuesday congressional hearing counted the ways in which the department is putting in jeopardy the identities and finances of students and their parents.
The hope is that Education will learn a lesson from these numbers --
- $1.18 million in outstanding debt obligations, according to the House oversight committee
- 139 million Social Security numbers stored (committee)
- $109 billion in direct loans (committee)
- 40 million borrowers (committee)
- 97,000 account holders, including schools and contractors, have access to student loan information (committee)
- 5,000 account holders have undergone background checks (committee)
- 184 IT systems total, according to the Education Department inspector general
- 120+ systems operated by contractors (IG)
- 1 on a 5-point scale in progress deploying continuous, automatic monitoring of security controls (IG)
- $32 million spent on cybersecurity (Government Accountability Office)
- 26 percent of reported cyberincidents involved the mishandling of data, including personal information (GAO)