Cyber Attack cyber

Louisiana Office of Student Financial Assistance (LOSFA)

Nov 25, 2025 2 min read
Louisiana Office of Student Financial Assistance (LOSFA)

LOSFA experienced a cyber incident that disrupted its operations, forcing systems associated with the START 529 college savings programs (including START, START K-12, and START ABLE) to be taken offline as a precautionary containment measure. While forensic analysis later confirmed these accounts were not compromised, the attack caused delays in financial transactions, requiring LOSFA to coordinate with institutions nationwide to honor pending payments. The agency had to communicate extensively with account holders to restore trust, explain the outage, and address concerns. Though no data breach or ransomware was confirmed, the incident triggered a third-party investigation with support from Louisiana State Police and the Governor’s Office of Homeland Security. Systems were restored only after confirmation of no involvement, but the disruption highlighted vulnerabilities in financial aid infrastructure, risking reputational damage and operational downtime for a state-managed service critical to students and families.

Source: https://www.wafb.com/2025/11/25/losfa-says-start-college-savings-accounts-were-not-hit-cyber-attack/

Louisiana Office of Student Financial Assistance (LOSFA) cybersecurity rating report: https://www.rankiteo.com/company/losfa

"id": "LOS5292752112525",
"linkid": "losfa",
"type": "Cyber Attack",
"date": "11/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'START account holders (though '
                                              'accounts were confirmed '
                                              'unaffected)',
                        'industry': 'Education/Financial Aid',
                        'location': 'Baton Rouge, Louisiana, USA',
                        'name': 'Louisiana Office of Student Financial '
                                'Assistance (LOSFA)',
                        'type': 'Government Agency'}],
 'customer_advisories': ['START account holders were notified about the '
                         'incident, access restoration, and provided support '
                         'contact (start@laregents.edu). TOPS users were '
                         'directed to custserve@la.gov or (225) 219-1012 for '
                         'assistance.'],
 'date_publicly_disclosed': '2024-11-25',
 'description': 'Louisiana’s student financial aid agency (LOSFA) experienced '
                'a cyber incident that disrupted operations, delayed payments, '
                'and prompted a third-party investigation. The START college '
                'savings accounts (START, START K-12, and START ABLE) were '
                'confirmed unaffected. Systems were taken offline as part of '
                'containment, and key systems were later restored securely. '
                'The agency coordinated with institutions to honor delayed '
                'payments and communicated with account holders to restore '
                'access and address concerns.',
 'impact': {'downtime': 'Systems taken offline during containment; duration '
                        'unspecified',
            'operational_impact': 'Disrupted operations, delayed payments, '
                                  'systems offline during forensic analysis',
            'systems_affected': ['LOSFA operational systems (excluding START, '
                                 'START K-12, and START ABLE accounts)']},
 'investigation_status': 'Ongoing (third-party investigation in progress; '
                         'details to be released upon completion)',
 'references': [{'source': 'WAFB 9 News'}],
 'response': {'communication_strategy': ['Contacted institutions to honor '
                                         'delayed payments',
                                         'Communicated with START account '
                                         'holders to explain situation and '
                                         'restore access',
                                         'Provided email/phone support for '
                                         'affected users'],
              'containment_measures': ['Systems associated with 529 college '
                                       'savings programs taken offline',
                                       'Forensic analysis conducted'],
              'enhanced_monitoring': 'Ongoing monitoring of restored systems',
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'recovery_measures': ['Key START systems restored securely',
                                    'Outstanding deposits processed',
                                    'Ongoing monitoring for suspicious '
                                    'activity'],
              'third_party_assistance': ['Third-party cyber analysis firm',
                                         'Louisiana State Police',
                                         'Governor’s Office of Homeland '
                                         'Security and Emergency '
                                         'Preparedness']},
 'stakeholder_advisories': ['Institutions across Louisiana and the country '
                            'were contacted to honor delayed payments'],
 'title': 'Cyber Incident at Louisiana Office of Student Financial Assistance '
          '(LOSFA)',
 'type': 'Cyber Incident (unspecified, possibly ransomware or system '
         'disruption)'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.