The University of Maryland is the latest victim of a significant data breach after experiencing what school officials described as a “sophisticated computer security attack” that exposed records containing personal information.
According to a letter from Wallace Loh,Presidentof the University,a database was breached on Feb. 18 that contained 309,079 records of faculty, staff, students and affiliated personnel from the College Park and Shady Grove campuses who have been issued a University ID since 1998.
Loh said he was notified about the breach by Brian Voss, Vice President of Information Technology, and that records accessed by the intruder(s) included name, Social Security number, date of birth, and University identification number. No other information was compromised, Loh said, including financial, academic, health, or contact information.
“With the assistance of experts, we are handling this matter with an abundance of caution and diligence,” Loh wrote in the letter. “Appropriate state and federal law enforcement authorities are currently investigating this criminal incident. Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed. Further, we are initiating steps to ensure there is no repeat of this breach.”
Call it too little too late if you like, but Loh said the University recently doubled the number of its IT security engineers and analysts, and doubled its investment in security tools.
“Obviously, we need to do more and better, and we will,” Loh said.
The University is offering one year of free credit monitoring to all affected individuals.
SecurityWeek has reached out to the University to get additional information on the attack and will update this story if additional informaiton is recieved.
Relared Reading:Cybercriminals Increasingly Attacking University Networks
Related Reading:The College Cyber Security Tightrope: Higher Education Institutions Face Greater Risks
Tweet
Managing Editor, SecurityWeek.Previous Columns by Mike Lennon:University of Maryland Hacked: Attackers Steal 309,000 Records of Faculty, Staff, StudentsSynopsys to Acquire Coverity for $375 MillionIOActive Issues Statement on Belkin Vulnerability DebateNew Zeus Variant Found Targeting Salesforce.com AccountsBluebox Security Launches Enterprise Mobile Security Solution
sponsored links
Tags: NEWS INDUSTRY
Incident Management
Cybercrime
