ctipilot.ch

Home · Briefs · CTI Daily Brief — 2026-07-03

Navient discloses borrower SSN exposure from a ransomware hit on its outside law firm [SINGLE-SOURCE]

From CTI Daily Brief — 2026-07-03 · published 2026-07-03

Student-loan servicer Navient Corporation (Nasdaq: NAVI) filed a Form 8-K (Item 1.05) on 2026-07-02 disclosing a material incident that did not touch its own systems: on 2026-06-08 it learned a third-party law firm providing services to the company had suffered a ransomware attack against the firm's own systems, and that Company-related borrower data held by the firm — names, dates of birth, addresses and Social Security numbers — was accessed (SEC 8-K, 2026-07-02). Navient found no evidence of access to its own environment and no operational disruption but determined materiality on 2026-06-29 given the volume and sensitivity of the exposed data. No ransomware group is named and no leak-site posting has surfaced; this is the victim's own regulatory disclosure of a fourth-party compromise, and no independent press coverage of the filing was found in-window (single-source — see § 7).