As U.S. university and college students look to return back to campus this fall, chances are they have plenty on their mind going into the first post-pandemic semester. And perhaps one thing that is way down on their to-do list is to consider how vulnerable they’re to ID theft.

Truth be told: cybercrimes against students continue to rise, especially against those who report to university campuses and use university resources. According to BlueVoyant’s Cybersecurity in Higher Education 2021 report, ransomware attacks on colleges increased twofold between 2019 and 2020.

Here’s why colleges and universities have become a sought-after target: They are a goldmine of personal identifiable information. They have large student populations with fresh credit histories, plus alumni and employee data. University and college databases often store a wide variety of valuable information, everything from loans and bank account information to social security numbers and passport information — even healthcare data.

It goes deeper. Even businesses used by universities are being targeted. Herff Jones, the company that offers graduation merchandise through Barnes & Noble at Boston University, as well as regalia such as class rings and yearbooks for other colleges and universities across the country, in May fell victim to a cyberattack that compromised thousands of student customers’ personal payment credit card accounts.

The University of California also released a statement on this spring stating they were impacted by a cyberattack that affected at least 300 organizations including several universities, such as Stanford and the University of Maryland, Baltimore, and many government agencies. This data breach of personal information was due to a vulnerability in Accellion’s system, a third-party vendor that handles secure file transfers. Those behind the attack published online screenshots of personal information onto a website called Clop, which ranged from Social Security numbers to bank account information.

Colleges and universities can make easy targets for cybercriminals. To begin with, budget considerations at many institutions have meant insufficient spending on cybersecurity. Investments in security come at the cost of other items, and too often are put on the back burner. There is also the issue that college networks cover a huge space and provide students and staff access to many different applications and data. That can open doors for hackers.

College students can also make easy targets because they are often inexperienced with cyber-education and fall prey more easily to common hacking techniques.

Tips for Students to Protect Their Personal Information

1. Digital Security and Online Privacy

Make sure your online security systems are up to date. Your connected devices should have updated operating software, antivirus and apps. Turn the auto-updates on. It’s important to have the latest protection against viruses, malware and other threats.

2. Monitor Your Credit

Having a identity theft and credit monitoring service can alert you to major changes in your credit scores and other suspicious activity, which can be the first sign a criminal has your personal information.

3. Improve Your Password Security

Do not use the same password for different services. Avoid passwords that are easy to guess, such as those that include your name, birthday or address. A password manager also can help you keep track of unique, hard-to-crack passwords.