A "sophisticated computer security attack" at the University of Maryland exposed personal data from more than 300,000 students, faculty and staff, the college president said.
University president Wallace Loh notified the campus late Wednesday, adding in a statement "I am truly sorry."
Loh said the breached database "contained 309,079 records of faculty, staff, students and affiliated personnel from the College Park and Shady Grove campuses who have been issued a University ID since 1998."
The records included names, social security numbers, dates of birth, and University identification number.
"With the assistance of experts, we are handling this matter with an abundance of caution and diligence," Loh's statement said.
"Appropriate state and federal law enforcement authorities are currently investigating this criminal incident. Computer forensic investigators are examining the breached files and logs to determine how our sophisticated, multi-layered security defenses were bypassed."
The breach comes amid heightened security fears after US retail giant Target said hackers had stolen data affecting as many as 110 million customers.
Explore further: New technology to help users combat mobile malware attacks