Reports have surfaced that the University of Maryland’s central student and staff registration servers have been hacked, and that the personal details and information of just shy of 310,000 employees and pupils at the school were lost in the attack.
“The University of Maryland was the victim of a sophisticated computer security attack that exposed records containing personal information,” said Brian Voss, vice-president of the university’s IT department, in a statement today. “Since that time, we have been working around the clock to ensure the breach has been contained and that other data systems are protected.”
Both the talents of the security firm MITRE and the Secret Service are being employed to investigate the problem, and each have been working around the clock since Friday morning to mend the issue as soon and silently as possible.
And you might be asking yourself; why get the Secret Service involved?
Well, it turns out what makes this attack particularly interesting (beyond the sheer number of identities stolen), is that the University of Maryland plays a special role in the heart of the NSA, whose main headquarters is a short 20-mile jaunt up the road from their campus. The National Security Agency even maintains a secure facility on the same hallowed grounds that the students use to study, known only to outsiders as the Center for Advanced Study of Language, or CASL.
It’s at this facility that Edward Snowden supposedly got his very first job with the NSA, working as a security guard for the front gate and checking the IDs of visitors as they attempted to gain access to the building.
So far no one has found reason to suspect those behind the attack specifically set out to target the NSA, and from the information gathered it looks as though the attack was just a standard attempt at grabbing SSNs to use for purposes of financial crime and identity theft.
The University has promised everyone involved in the heist that they will be providing a free, complimentary year of credit monitoring service, and have also agreed to match any funds lost from their accounts as a result of the mishap.