Univ. of Maryland Reports Major Breach
310,000 Records Compromised in 'Sophisticated Attack'The University of Maryland is notifying almost 310,000 current and former students, faculty, staff and affiliated personnel that their personal information was breached in a "sophisticated computer security attack" on Feb. 18.
See Also: Why Active Directory (AD) Protection Matters
The breached database contains records for individuals who had been issued a university ID at the College Park and Shady Grove campuses since 1998, according to a Feb. 19 letter from Wallace Loh, the university's president.
Information that was exposed includes name, Social Security number, date of birth and university identification number. No financial, academic, health or contact information was compromised, the letter says.
Upon learning of the incident, the university notified state and federal law enforcement authorities. "Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed," Loh notes in the letter. "Further, we are initiating steps to ensure there is no repeat of this breach."
The university is offering those affected by the breach one year of free credit monitoring services. It also has established a hotline to answer questions regarding the incident.
"Universities are a focus in today's global assaults on IT systems," Loh says in the letter. "We recently doubled the number of our IT security engineers and analysts. We also doubled our investment in top-end security tools. Obviously, we need to do more and better, and we will."
The university did not immediately respond to a request for comment.