by

Hackers Make Off With 300,000 Personnel Records at U. of Maryland

“A sophisticated computer-security attack” on the University of Maryland on Tuesday gave hackers access to more than 300,000 records of students, faculty and staff members, and others who have been issued university IDs on two of the system’s campuses since 1998.

According to a letter by Wallace D. Loh, the system’s president, experts are trying “to determine how our sophisticated, multilayered security defenses were bypassed,” and a criminal investigation is under way.

Brian D. Voss, the university’s vice president for information technology, told The Washington Post that the attackers got into the database, “made a Xerox of it, and took off.”

The hackers “picked through several locks to get to this data,” he said, suggesting they had a “very significant understanding” of how the database was constructed and safe-guarded.

The records, which concern people connected with the university’s College Park and Shady Grove campuses, contain names, birth dates, and Social Security numbers. Like many colleges and other institutions that have been the victims of hacker attacks, the university is offering a year of free credit monitoring to the people affected.

“We recently doubled the number of our IT security engineers and analysts,” President Loh wrote in his letter. “We also doubled our investment in top-end security tools. Obviously, we need to do more and better, and we will.”

Return to Top