The Legal Services Corporation (LSC) Office of Inspector General (OIG) has identified that monitoring of student loan assistance programs may present an emerging risk. Although our work to date has involved a few recently completed and ongoing oversight engagements, based on our professional judgment and experience we believe that LSC could consider taking steps to proactively enhance monitoring of student loan assistance funds.

Ransomware and other cyberattacks pose significant threats to the LSC grantee community. To assist LSC grantees and subgrantees in detecting and preventing these threats, the OIG encourages grantee IT departments to subscribe to CISA’s email updates. CISA’s notifications provide information about the most up-to-date security threats and solutions, such as recommended security patches. 

The OIG is implementing a “Cyber After Incident Report Form” to gather more information on reported cyberattacks. The information will be used to better assist grantees with their response and recovery in the event of an attack.