NEW YORK – Thousands of small business owners reeling from the aggressive measures taken to halt the spread of the coronavirus may have had their personal information exposed last month on a government website that handles disaster loan applications.
The Small Business Administration said Tuesday that the personal information of more than 7,000 business owners applying for economic injury disaster loans was potentially seen by other applicants on the SBA website on March 25.
The SBA said only the disaster loan program was affected, not the Paycheck Protection Program, which did not begin until April 3 and which is handled by a separate system.
SBA spokeswoman Carol Wilkerson said the agency has notified the 7,913 owners whose information may have been exposed and offered them a year of free credit monitoring. The agency immediately disabled the affected part of its system, Wilkerson said.
In a letter to affected owners obtained by The Associated Press, the SBA said there is no evidence the exposed data has been misused. The information included names, Social Security numbers, birth dates, financial information, email addresses and phone numbers.
Business owners have had issues with the disaster loan website before. The site was taken down for maintenance for several hours on March 16, and owners could not apply during that time. On March 29, the SBA revised its application process for the disaster loans and owners had to reapply. Many learned days or weeks later that they needed to reapply.
“It’s frustrating that now I have to deal with that too,” said Adam Rammel, co-owner of Brewfontaine, a restaurant in Bellefontaine, Ohio. He received his disaster loan money Tuesday after a month's wait and also received a paycheck protection loan.
“I received money from them, but they didn’t have the greatest start,” he said of the SBA.