College students may not consider that information related to their identity could be stolen from school computers, but that possibility became a reality for students at the University of Maine last week.
Hackers breached a pair of file servers containing the personal information of more than 4,000 students at the university's Orono campus who had sought mental health services from the campus counseling center, according to the Associated Press. The information the hackers were able to access contained both names and Social Security numbers of students dating back to 2002. The reports also contained sensitive clinical information.
The AP said the servers contained information on 4,585 students, though there's no way of knowing if the data was viewed or downloaded. Campus police are leading the investigation in conjunction with federal prosecutors and members of the Secret Service. The university took the website down last week because the system could have exposed other users' computers to hackers if they clicked on harmful links.
According to the AP, the investigation was launched two weeks ago when staff at the counseling center reported trouble using files on the center's server. Investigators soon learned that hackers had been able to see the data as early as March 4, then got into the second server later.
The university has enlisted an identity theft protection service to help current and former students to watch for signs that their personal information is being used for fraudulent activity, the AP said. Anyone who visited the counseling center after August 8, 2002, should assume their information was stolen.
A recent report from consumer advice website Wallet Pop said that college students are at a high risk for identity theft because they don't believe they can be affected by it since they typically don't have much money. One expert told the site that 3.3 million college students, about one in 30, have their identities stolen every year.
Despite their lack of money, Wallet Pop says college students are prime targets for identity thieves because they have a lax attitude toward protecting their personal information and typically have pristine, if a bit lacking, credit histories. Identity thieves count on victims not noticing the damage they do until it's too late, which is common for college students who typically don't check their credit score or report before they graduate.