security-strengthen-IT

University data breach prompts ‘top-to-bottom’ IT review


One week after a sophisticated cyberattack exposed more than 300,000 personal records of University of Maryland (UMD) students and alumni, university President Wallace Loh said he would launch a comprehensive investigation of the school’s computing and information systems.

data-breach-university

“State and federal law enforcement agencies, the U.S. Secret Service, consultants from the MITRE Corporation, and our own campus IT security personnel are working together to find out how the attackers penetrated our multiple layers of security,” Loh said in a recent message to students and alumni.

The investigation will seek to accomplish three goals that will identify and resolve vulnerabilities in UMD’s network infrastructure, according to the message Loh released on the university’s website.

The investigation will scan existing databases on the university’s servers to determine where personal information is located, and then depending on the database destroy the personal information or add more digital security measures to protect them.

Register now for our free webinar on March 18 at 2:00 p.m. EST for a special session on how campuses can leverage cloud-based storage solutions to cut costs and protect their database.

In addition to determining where sensitive data is stored, the investigation will determine how strong UMD’s cybersecurity is through a series of penetration tests which will highlight potential security shortcomings that could be exploited by cybercriminals.

The President’s Task Force will also review UMD’s existing IT systems to find a balance between centralized systems, or those operated by the university, and decentralized systems, which are unit operated.

The review will ensure that that the security measures for both systems are up to UMD’s standards.

For now, students are encouraged to call Experian and sign up for five free years of credit monitoring, which became available to all those effected on Feb. 25.

However, due to the high volume of calls Experian has been unable to assist all of the people who were affected by the data breach.

“Obviously you never want your social security number out there,” said Robbie Feinberg, a senior journalism major UMD. “It makes me concerned in the sense that I’ll definitely question the safety of having all of my personal info in one place. I’ll definitely be taking advantage of the one year of free credit checks they’re offering. ”

Other students are not as optimistic about the recent news, and the response from the university.

Senior journalism major, Josh Axelrod, said he received a notification from his bank regarding suspicious activity on his account only a few days after the data breach.

“The timing makes me very suspicious” he said. “I think if it turns out the school was responsible they should have to pay back whatever money was taken from my account. I’m 100 percent sure that’s not going to happen, but I think they should be held more accountable.

Technology experts on campus held the first of several meetings Feb. 26 to address the network security breach, said Jonathan Katz, a spokesman from the Maryland Cybersecurity Center, one of the departments sending a representative to be part of Loh’s new task force.

eCampus News reached out to university administration and the Division of Information Technology for an update on the investigation after yesterday’s meeting. UMD officials have said they cannot provide any new insight into the ongoing investigation.

Peter Sclafani is an editorial intern at eCampus News.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.

Sign up for our newsletter

Newsletter: Innovations in K12 Education
By submitting your information, you agree to our Terms & Conditions and Privacy Policy.