University data breach prompts ‘top-to-bottom’ IT review

One week after a sophisticated cyberattack exposed more than 300,000 personal records of University of Maryland (UMD) students and alumni, university President Wallace Loh said he would launch a comprehensive investigation of the school’s computing and information systems.


“State and federal law enforcement agencies, the U.S. Secret Service, consultants from the MITRE Corporation, and our own campus IT security personnel are working together to find out how the attackers penetrated our multiple layers of security,” Loh said in a recent message to students and alumni.

The investigation will seek to accomplish three goals that will identify and resolve vulnerabilities in UMD’s network infrastructure, according to the message Loh released on the university’s website.

The investigation will scan existing databases on the university’s servers to determine where personal information is located, and then depending on the database destroy the personal information or add more digital security measures to protect them.

Register now for our free webinar on March 18 at 2:00 p.m. EST for a special session on how campuses can leverage cloud-based storage solutions to cut costs and protect their database.

In addition to determining where sensitive data is stored, the investigation will determine how strong UMD’s cybersecurity is through a series of penetration tests which will highlight potential security shortcomings that could be exploited by cybercriminals.

The President’s Task Force will also review UMD’s existing IT systems to find a balance between centralized systems, or those operated by the university, and decentralized systems, which are unit operated.

The review will ensure that that the security measures for both systems are up to UMD’s standards.

"(Required)" indicates required fields