COLLEGE PARK, Md. (WUSA9) -- The University of Maryland announced Wednesday that 309,079 records of faculty, staff, students and affiliated personnel were breached, according to the University's president, in a note to students and faculty.
President Wallace D. Loh sent the letter out at around 6:00 p.m. on Wednesday. He said that people's financial records had not been compromised, even though all of their personal information was hacked.
Records dating back to 1998 were compromised, according to Loh.
On Feb. 21, University officials released the following statement:
"The University of Maryland continues to work around the clock to the address the data breach. Law enforcement authorities, including the U.S. Secret Service, are investigating and we have partnered with an outside cybersecurity firm to assist our computer forensic analysis. We are doing everything possible to discover how this happened so we can prevent further attacks.
UMD is offering free credit protection services for all affected persons. Beginning Tuesday, February 25, individuals may call 866-274-3891 to verify if their records were compromised and immediately activate this service.
We understand this breach is causing concern and consternation. Please know that we are doing everything possible to ensure the protection of our community's personal information as we move forward.
Here is the original letter by the President to the University of Maryland Community after the announcement:
Last evening, I was notified by Brian Voss, Vice President of Information Technology, that the University of Maryland was the victim of a sophisticated computer security attack that exposed records containing personal information.
I am truly sorry. Computer and data security are a very high priority of our University.
A specific database of records maintained by our IT Division was breached yesterday. That database contained 309,079 records of faculty, staff, students and affiliated personnel from the College Park and Shady Grove campuses who have been issued a University ID since 1998. The records included name, Social Security number, date of birth, and University identification number. No other information was compromised -- no financial, academic, health, or contact (phone, address) information.
With the assistance of experts, we are handling this matter with an abundance of caution and diligence. Appropriate state and federal law enforcement authorities are currently investigating this criminal incident. Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered, security defenses were bypassed. Further, we are initiating steps to ensure there is no repeat of this breach.
The University is offering one year of free credit monitoring to all affected persons. Additional information will be communicated within the next 24 hours on how to activate this service.
University email communications regarding this incident will not ask you to provide personal information. Please be cautious when sharing personal information.
We have established a website with FAQs at
. Any updates will be posted to this site. If you have any questions or comments, please call our special hotline at 301-405-4440 or email us at
Universities are a focus in today's global assaults on IT systems. We recently doubled the number of our IT security engineers and analysts. We also doubled our investment in top-end security tools. Obviously, we need to do more and better, and we will.
Again, I regret this breach of our computer and data systems. We are doing everything possible to protect any personal information that may be compromised.
Wallace D. Loh
President, University of Maryland
Here is the university's statement:
Within the last 24 hours, the University of Maryland has become aware of a sophisticated data security breach. This is regrettable, and I want to underscore that protecting personally identifiable information is a very high priority for this University.
We are handling this matter with an abundance of caution and diligence. A team of state and federal law enforcement officials, IT professionals and computer forensic specialists are investigating, and we are addressing the matter as we simultaneously and swiftly work to notify all who are affected. All affected persons will be offered one free year of credit monitoring.
As we learn more, we will be forthright and do everything possible to protect and inform our UMD community.
Wallace D. Loh, President
University of Maryland