It's tough enough to be a college student these days, with skyrocketing tuition costs, higher loan borrowing rates, and the peril of credit card debt just for living expenses.

Now 1.3 million borrowers from Texas Guaranteed Student Loan Corporation have a new problem -- their personal data was compromised, leaving them vulnerable to identity theft.

The Round Rock, TX-based lender said files on 10 percent of its borrowers were downloaded to an unidentified piece of equipment belonging to an employee of Hummingbird, a third-party contractor Texas Guaranteed had hired to provide a document management system.

The files had been securely encrypted for transmission, but once the unidentified employee decrypted the files and downloaded them onto the device, he or she lost it.

The device itself was password-protected, according to a statement by Hummingbird president Barry Litwin.

It would be "extremely unlikely" that the data would be misused, he said. "The privacy of customer data is of utmost importance to us and we take our responsibility to safeguard it very seriously. We deeply regret that this incident has occurred."

The missing data included names and Social Security numbers only, according to Texas Guaranteed. No other information was lost.

TG has set up a special Web site and toll-free phone number to address concerns from potentially affected individuals.

The disappearance was first reported by the Hummingbird employee on May 24th, but according to Texas Guaranteed's press statement, Hummingbird did not inform Texas Guaranteed of the loss until May 26th.

Hummingbird announced on May 27th that it was selling itself to a conglomeration of U.S.-based private equity firms, in response to sluggish stock performance and competitive woes.

The move drew criticism from investors who felt that the $465 million deal was too low of an offer, and that the company should have engaged in more competitive bidding.

The Texas Guaranteed data loss comes at a time of rising concern about identity theft and data breaches, following the loss of records for 26.5 million veterans from the Veterans Administration (VA).

The news that the VA knew about the data theft for three weeks before informing the public has led to the resignation of Michael H. McLendon, the deputy assistant policy secretary who supervised the unidentified data analyst responsible for the loss.

The Texas Guaranteed data loss also points up the danger of employees taking home sensitive data on laptops, CD-roms, and USB drives. Not counting the VA incident, the number of Americans at risk of fraud or identity theft due to the loss of devices containing personal data exceeds half a million.

MSNBC reporter Bob Sullivan, commenting on the repeated incidents of laptop and USB drive thefts, made a "modest proposal" on his blog that "workers should leave the work, at work," and not risk security and privacy by taking their work home with them.