On January 11 the Canadian government announced the information of 583,000 students who received loans from the Canada Student Loans Program between 2000 and 2006 had been lost.
However, the initial incident occurred in November, with Human Resources and Skills Development Canada taking over a month to inform the affected students and the public.
The response of students ranged from serious concern to frustration and outrage. Many students were forced to pay for credit rating notifications in hopes of monitoring whether anyone had profited from gaining access to their personal information.
Now, those affected by the loss have come together to form a Facebook group to voice their concerns, as well as creted a new website, studentloanprivacybreach.ca. The website provides detailed information on the fiasco, as well as support.
“[The government] has not taken it seriously and all communication about it has been limited to perfunctory expressions of regret and reductive statements about the importance of this breach,” Arzie Chant, a Western student affected by the security breach, said.
Initially, a 1-800 number was set up so students could call and find out whether or not they had been affected. However, by mid-January, the HRSDC decided to post letters to the affected students.
The letters mailed to affected individuals included confirmation they were affected, description of the specific information lost, an offer to place a note on credit ratings for the next six years and reassurance the privacy commissioner was investigating the loss.
In an ironic turn of events, the CBC reported on Friday that several of these letters were mailed out to the wrong recipient, creating yet another privacy breach for those affected.
Markuss Pridgeon, director of media relations for studentloanprivacybreach.ca, said students were frustrated with receiving such a scripted response and felt Diane Finley, Minister of Human Resources and Skills Development for Canada, failed to be forthcoming.
“We have asked Finley in the [House of Commons], and on Twitter, and are getting the same result—no answers,” Pridgeon said.
According to Pridgeon, he believes some individuals have been tasked by the government to monitor the information on the Facebook group.
“In all honesty, […] they must think we are stupid and don’t have access to resources, or they just don’t fully understand the gravity of the situation that their negligence has placed us all in,” Pridgeon lamented.
Pridgeon, who also does double duty as an IT specialist, stated he had a strong understanding of the situation, and said “I can tell you, for a fact, that the government is in a great deal of trouble.”
“In my personal and professional opinion, HRSDC has no security policy set up because, if they did, this would have never happened.”