Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Data breach exposes SBA Emergency Injury Disaster Loan program applicants

Federal Issues Privacy/Cyber Risk & Data Security Covid-19 SBA Data Breach

Federal Issues

On April 21, according to reports, the Small Business Association (SBA) acknowledged that it notified almost 8,000 applicants of the Economic Injury Disaster Loan (EIDL) program that their information may have been exposed as part of a data breach. Specifically, the agency stated that on March 25, the personal information of business owners applying for the EIDL program was potentially exposed to other applicants on the SBA’s website. The information exposed included names, social security numbers, birth dates, certain financial information, email addresses, and phone numbers. According to the SBA, there is no evidence that the exposed information has been misused. Notably, the breach only effected the applicants of the EIDL program, not the Paycheck Protection Program, which did not begin accepting applications until April 3.