This article is from the source 'washpo' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.html?wprss=rss_homepage
The article has changed 6 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| U-Md. computer security attack exposes 300,000 records | |
| (about 2 hours later) | |
| More than 300,000 personal records for faculty, staff and students who have received identification cards at the University of Maryland were compromised in a computer security breach this week, school officials said. | |
| The breach occurred at about 4 a.m. Tuesday, when an outside source gained access to a secure records database that holds information dating back to 1998. Brian Voss, vice president and chief information officer at U-Md., said officials believe that whoever got into the database duplicated the information, which includes names, Social Security numbers, dates of birth and university identification numbers for 309,079 people affiliated with the school on its College Park and Shady Grove campuses. | |
| The hackers did not change anything within the university’s computer system, but Voss said the attackers essentially “made a Xerox of it and took off.” | |
| Voss said what most concerns him is the sophistication of the attack: The hacker or hackers must have had a “very significant understanding” of how the school’s data are designed and protected. Voss said the security breach appears to be in contrast with typical attacks, in which “someone left the door open,” creating an easy opportunity for any hacker, Voss said. | |
| “That’s not what happened here,” Voss said. “There’s no open door. These people picked through several locks to get to this data.” | |
| In a letter to the university community, President Wallace D. Loh said school officials are investigating the breach and doing what they can to prevent further intrusions. | |
| “Appropriate state and federal law enforcement authorities are currently investigating this incident,” Loh said. “Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed.” | |
| Meghan Land, a staff attorney for the Privacy Rights Clearinghouse, based in San Diego, said the U-Md. breach was large and significant because it included Social Security numbers. A list kept by the nonprofit group indicates that many colleges have faced data security problems in recent years. | |
| Ohio State University said in 2010 that hackers had penetrated a college server that contained names, birth dates and Social Security numbers of 750,000 people, exposing them to risk of identity theft. The University of Virginia last year said that Social Security numbers of more than 18,000 students were mistakenly printed in the address field of health insurance brochures that were mailed to their homes. | |
| Loh said that U-Md. plans to provide free credit monitoring for a year to anyone whose information was compromised. | |
| Dan Goff, a graduate student at the University of South Carolina who studied at U-Md. for three semesters in 2003 and 2004, said he was “more annoyed than anything” when he heard about the security breach Wednesday evening. Within an hour, he submitted fraud alerts to three credit agencies. | |
| “It’s certainly a fact of life in the information age,” Goff said. |