COLLEGE PARK, Md. - Hackers, breaching the University of Maryland’s personnel information database security, obtained social security numbers dating back to 1998, according to a message from university President Wallace Loh.
“I am truly sorry. Computer and data security are a very high priority of our University,” Loh said in the letter posted online.
The database contained 309,079 records of faculty, staff, students and affiliated personnel from the College Park and Shady Grove campuses who have been issued a university ID since 1998, the letter states. The information contained within the record include social security numbers, date of birth and college ID.
Hackers did not obtain financial, academic, health or contact information.
“With the assistance of experts, we are handling this matter with an abundance of caution and diligence,” Loh wrote in the letter. “Appropriate state and federal law enforcement authorities are currently investigating this criminal incident. Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed. Further, we are initiating steps to ensure there is no repeat of this breach.
“The University is offering one year of free credit monitoring to all affected persons. Additional information will be communicated within the next 24 hours on how to activate this service.”
The incident was reported Tuesday evening by Brian Voss, Vice President of Information Technology, who called the attack "sophisticated."
Loh said more information would be posted to www.umd.edu/datasecurity/