A cyberattack at the University of Maryland Tuesday has exposed personal information of more than 309,000 students, staff and alumni from the College Park and Shady Grove campuses.
University President Wallace D. Loh said that a database of records belonging to the school's IT Division was breached. The records included names, Social Security numbers, dates of birth and university identification numbers. No other information was compromised -- financial, academic, health, or contact (phone, address) details.
Loh described the data breach as a criminal incident. He further said that school authorities have initiated an investigation into the breach.
"Appropriate state and federal law enforcement authorities are currently investigating this incident," Loh wrote. "Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed," Loh said in a statement.
Loh said that the school is offering free credit monitoring for a year to anybody whose information was compromised.
Brian Voss, vice president and chief information officer at U-Md., said that the alleged hackers did not make changes to the university's computer system, but duplicated the information. He added that the suspects had a clear understanding of how the school's data is designed and protected, Washington Post reports.
Meghan Land, a staff lawyer for the Privacy Rights Clearinghouse, the data breach at the Maryland University is significant the Social Security numbers were involved.
Beth Givens, director of the Clearinghouse, said that universities are often targeted by hackers because they can create new accounts under different addresses.
Recently numerous colleges have suffered data security problems.
- Last year, a massive security breach at the University of Delaware compromised the information of 74,000 people, Baltimore Sun reports.
- The same year saw social security numbers of more than 18,000 University of Virginia students were printed on the health insurance brochures mailed to their homes.
- The social security numbers of about 24,000 College Park students were printed on mailing labels for parking brochures in 2008.
- In 2010, hackers breached an Ohio State University server that contained the names, birth dates and Social Security numbers of 750,000 people.