cyber
confidence high
sentiment negative
materiality 0.70
Navient discloses ransomware attack at third-party law firm exposing borrower data
NAVIENT CORP
- Incident discovered June 8, 2026; involved ransomware at a law firm providing legal services to Navient.
- Exposed borrower data includes names, dates of birth, addresses, and Social Security numbers.
- No evidence of unauthorized access to Navient's own systems; operations and customer services unaffected.
- Company determined incident material on June 29, 2026 due to volume and sensitivity of data.
- Navient does not expect the incident to have a material impact on financial condition or results.