Wallace D. Loh, the president of the University of Maryland, has published a letter to reveal that the educational institution’s systems have been breached by hackers. A database containing 309,079 records has been accessed.
According to Loh, the records included names, social security numbers (SSNs), dates of birth, and the university identification numbers of staff, faculty, students and affiliated personnel from the Shady Grove and College Park campuses. The data goes as far back as 1998.
Financial, academic, health and contact information has not been compromised.
“With the assistance of experts, we are handling this matter with an abundance of caution and diligence. Appropriate state and federal law enforcement authorities are currently investigating this criminal incident,” Loh said.
“Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed. Further, we are initiating steps to ensure there is no repeat of this breach. “
Impacted individuals are being offered one year of free credit monitoring services. The university also warns those affected that they might be targeted with phishing scams.
The Diamondback reported that the breach was detected on Tuesday between 8 and 9 AM. The hackers copied the data between 4 and 5 AM.
Brian Voss, the university’s VP of IT and CTO, has told The Diamondback that the breach isn’t a “result of a faulty preventive systems or an IT mistake.” Instead, the attackers “worked around very stringent security” to access the data.
“Universities are a focus in today’s global assaults on IT systems. We recently doubled the number of our IT security engineers and analysts. We also doubled our investment in top-end security tools. Obviously, we need to do more and better, and we will,” Loh noted in his letter.