The breach was discovered on February 28, 2014.
The five servers held the names, birthdates and Social Security numbers of 29,780 students who were enrolled at Iowa State between 1995 and 2012. They also held another 18,949 students' university ID numbers.
Still, the hackers don't appear to have been targeting that data.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"The servers were hacked by an unknown person or persons who intended to generate enough computing power to create Bitcoins. ... The five compromised servers are network-attached storage devices made by Synology," the university said in a statement. "Other Synology users have reported similar (Bitcoin mining) attacks by criminals."
All those affected are being offered free access to one year of identity protection services from AllClear ID.
"In response to this incident, we have deleted the files that contained your information; decommissioned the servers that contained the student data, and physically destroyed them; ensured operating software on similar servers is up to date; and we are scanning information technology systems for protected information," university senior vice president and provost Jonathan Wickert wrote in the notification letter [PDF] to affected students.