The University of Delaware was on the 22nd July the recipient of a criminal attack on one of its systems. The criminals were able to steal files that contained 72,000 names, addresses and other personally identifiable information for past, present and student employees. The University is working with the Federal Bureau of Investigation and Mandiant to determine the scope of the attack after having taken immediate corrective action. The University has indicated that the attackers used a vulnerability in software acquired from an unnamed vendor.