Student Advocates Group

Summary

An unsecured Amazon S3 data bucket belonging to the student loan relief group, Student Advocates Group, has exposed over 55,000 Social Security numbers and other forms of identifying information. The group was previously identified and charged by the Federal Trade Commission (FTC) as a debt relief scheme, which was found charging unknowing customers with illegal fees and misleading consumers with false claims to lower or eliminate loan debts. The exposed data includes scanned documents that include proof of income – such as pay stubs and tax returns – and call records that include payment information, among other identifying information. The records are dated between 2018 and January 2020. When combined, this information can be used by criminals in various ways ranging from unauthorized purchases to identity theft. Users who may be impacted are urged to monitor financial accounts and credit records, and consider freezing their credit or placing a fraud alert on their credit file through the credit bureaus. Additional resources can be found via the NJCCIC Alert Identity Theft: The Aftermath of Compromised Information.