The University of Maryland has sent out a notice to all faculty and staff alerting them of a recent attack on one of their databases. A total of 309,079 records were stolen as a result, this includes faculty, staff, and students. The records included names,social security numbers, date of births and university id numbers. This affects everyone affiliated with the College Park and Shady Grove campuses given an university ID since 1998. All of this information was stored on a single database which was managed by their IT division. The university is unsure of how the security breach happened. The incident is being investigated by federal and state law enforcement.
Recently the university has doubled the amount of IT security and analysis personnel working for them. Also stating that the doubled the amount of money invested into top-level security tools. Obviously this isn’t enough, or possibly too much? The more people that touch your system, the more people that know your system. I am sure we will find out how this occurs in a few weeks, or possibly never, but I wouldn’t doubt the possibility of an inside job.
The University is offering free credit monitoring for a year. Is a year long enough? This data could take over a year to be used. If you look at the image above, this is all the data needed for a credit application, this one specifically for Amazon. With the data that was received from the hack, anyone that has access to it or whoever purchased it on the black market could easily get some free money. This is only one possibility for the data holder to accomplish, there are many others. All of which can be done a year from now.