The University Of Maryland discovered, and reported a major data breach on Wednesday. While the number of records stolen from the University is minuscule compared to the data breach at Target, the length of the attack is what’s troublesome to many.

The University Of Maryland reports that 309,079 records were stolen that were linked to anyone that had been issued a University Of Maryland campus ID since 1998.

It has not been revealed how long this hack had been occurring. It’s not likely that hackers have kept an open window into the Univeristy’s data over the last 16 years. What’s more likely is that hackers discovered an archive of sorts with the information, or that the University’s database of IDs went back 16 years.

The data that was compromised included names, date of birth, social security numbers and student IDs. Obviously the combination of names, dates of birth and social security numbers are all that identity thieves would need to take over someone’s identity.

Also, college students are typically very early in the credit building process and have already started receiving student loans which makes them ripe targets for an attack of this kind.

The University has already created an internal task force looking into the breach. They are also offering one year of free credit monitoring to all of those affected.

“With the assistance of experts, we are handling this matter with an abundance of caution and diligence,” University President Wallace Loh said in a statement, reports CNN Money. “I regret this breach of our computer and data systems. We are doing everything possible to protect any personal information that may be compromised.”

The breach affects students and faculty at the University’s main Collegr Park campus as well as at their remote Shady Grove campus in Rockville Maryland. The college park campus alone has over 37,000 students and 5,000 faculty members per year.