The University of Maryland said one of its databases was the “victim of a sophisticated computer security attack” that exposed the personal information of more than 300,000 faculty, staff, students and others who were issued an ID at their College Park and Shady Grove campuses.
“I am truly sorry,” Wallace D. Loh, the university president said in a statement. “Computer and data security are a very high priority of our University.”
The records stolen included names, Social Security numbers and date of birth. According to the president, the records were kept by their IT Division and date back to 1998.
The Washington Post takes a broader look at the breach:
“Meghan Land, a staff lawyer for the Privacy Rights Clearinghouse, a nonprofit group based in San Diego, said the U-Md. breach was large and significant because it included Social Security numbers. A list kept by the clearinghouse indicates that many colleges have faced data security problems in recent years.
“Ohio State University said in 2010 that hackers had penetrated a college server that contained the names, birth dates and Social Security numbers of 750,000 people, exposing them to risk of identity theft. Last year, the University of Virginia said that Social Security numbers of more than 18,000 students were mistakenly printed in the address field of health insurance brochures that were mailed to their homes.”
Of course, this also comes after high-profile hacks into the servers of big retailers. The Target breach, for example, affected 70 million customers.
Because of the breach, the university is offering a year of free credit monitoring for free.