Apparently Penn State’s College of Engineering has been hacked. They’ve known about the hack for almost 6 months but used that time to monitor the attack and plan for the remediation.
In the past year the following colleges have either been hacked or had their network taken offline by a DDOS attack: University of Maryland, Johns Hopkins, University of Delaware, Virginia Tech, Arizona State, Rutgers.
In addition to the usual haul of usernames, passwords, social security numbers, etc. hackers are also after valuable research data. And they’ll get it. Sooner or later.
Companies are clearly not immune to these attacks. Just ask Target. It would be foolish to think that colleges will fare better.
Honestly I don’t think it’s a question of if your school gets hacked, but a question of when. Beyond that, how will you handle it?