By Allie Bidwell, National Association of Student Financial Aid Administrators, Communications Staff
In a letter to the Department of Education’s (ED) Office of Federal Student Aid (FSA), the Office of Inspector General (OIG) warned the federal office of potential misuse of the FSA ID by third parties to take over borrower accounts.
According to the letter, both OIG and FSA share concern over the growth of some third parties’ fraud and misuse of the FSA ID, which last year replaced the FSA PIN as the way students and parents log on to certain ED websites, including the online application for the FAFSA.
OIG documented in the letter its past investigations into recurring issues with the old FSA PIN. Since 2012, for example, OIG found multiple instances of loan consolidation companies gaining access to borrowers’ PIN accounts to “consolidate loans or enroll borrowers in debt forgiveness or reduction programs.” During that investigation, OIG also found that one company charged borrowers a monthly fee of $45 to consolidate and lower their loan payments—both things that borrowers can do for free on their own .
Other OIG investigations found loan consolidation companies that charged higher monthly fees, of up to $60 per month, to put borrowers’ loans into forbearance, with the promise of future enrollment in Public Service Loan Forgiveness, or other programs, regardless of whether the borrowers were eligible for these programs.
In the letter, OIG continued to write that the office has conducted more recent investigations into vulnerabilities involved with the FSA ID and the Personal Authentication Service (PAS). In one particular investigation, OIG looked into claims that a third party was illegally “creating, accessing, and changing FSA ID logon information” that could lock borrowers out of their accounts. OIG subsequently identified nearly 11,000 FSA IDs associated with IP addresses used by a third party company in India.
“During interviews, the victim borrowers stated that over a period of weeks, they would receive daily calls from a call center, and that the callers were overly aggressive in trying to get the borrowers to provide their account and loan information,” the letter said.