University of Maryland President Dr. Wallace Loh announced yesterday that a cyber-attack on the university’s servers resulted in the theft of personal information about 309,079 students, faculty, staff, and university-affiliated personnel who were issued university ID cards at either the College Park or Shady Grove campuses dating back to 1998. A coalition of UMD IT staff and law enforcement personnel are still trying to determine who was behind the attack.
Names, Social Security Numbers, dates of birth, and University ID numbers were obtained in yesterday’s breach. While “no financial, academic, health, or contact (phone, address) information” has been compromised, the data exposed could be used to break into bank accounts, steal victims’ identities, or even hack their social media. UMD is offering one year of free credit monitoring to those affected by this issue. A hotline phone number (301-405-4440) and email account (firstname.lastname@example.org) have been set up for individuals to contact the University about this issue.
Office of Information Technology staff here at St. Mary’s will be monitoring the University of Maryland situation to gain information that we can apply to our own ongoing efforts to secure St. Mary’s administrative data systems against cyber-attacks. Meanwhile, keep in mind the many ways in which you can assist us in these efforts. Prevention is the key to keeping your devices and accounts safe. Remember the following to help prevent any issues:
On unsecured networks and devices
- Try not to shop or sign into bank accounts over unsecured networks – the information you send and receive from websites is visible to anyone else on the network.
- Automatically lock your device when not in use – this helps to prevent others from accessing accounts/information saved on the device.
- Make sure to sign out of accounts, and clear browsing data on shared computers – not everyone will log you out, some might take advantage of an open account.
- Be careful with whom you share information – once on the web, it is hard to permanently delete some data. A good rule of thumb is to make sure that you’re comfortable with whatever you post online being visible forever.
- If you see any suspicious email, hit the Report Spam button in Gmail – this both deletes the email, and makes sure that Google staff are notified. The IT Support center cannot do anything about these emails.
- Do not click suspicious links – like driving a car, try to figure out where you’re going before you get there, or you may have an accident.
For more information on how to keep your information safe, please consult Google’s Safety Center, which contains information on how to safely operate on the internet for both individual and family users.