Chinese hackers targeted Penn State University's College of Engineering with two "advanced" data stealing cyber attacks, according to the FBI which first reported the attacks to the university in November 2014.
The campaign is believed to have compromised personally identifiable information pertaining to 18,000 individuals before detection.
The attackers reportedly used the stolen credentials to move through the university's systems, although it is unclear what further actions they took when inside the network.
"Investigators have found that only a small number of these accounts have been used by the attackers to access the network," wrote Penn State president Eric J. Barron in a public letter to staff and students.
The university said that it has hired Mandiant to investigate the breaches, and believes that the attackers are based in China.
"The investigation revealed the presence of two previously undetected, sophisticated threat actors on the college's network," read the university's threat advisory.
"Mandiant has confirmed that at least one of the two attacks came from a threat actor based in China, which used advanced malware to attack systems in the college.
"The investigation has revealed that the earliest known date of intrusion is September 2012."
Mandiant declined V3's request for further details about its investigation, such as how the hackers initially breached the university. However, Penn State described the attacks as "very advanced".
"At Penn State, our strong information security protocols and practices help us to repel more than 22 million hostile cyber attacks from around the world every day," read the advisory.
"That said, in this particular case we are dealing with the highest level of sophistication."
The Penn State attack is one of many cyber attacks believed to have been launched from China in recent months.
Mandiant parent company FireEye reported shutting down an attack using Microsoft's TechNet blog to distribute a dangerous Blackcoffee malware believed to have been mounted by the China-based APT17 DeputyDog hackers earlier in May.
The focus on the university's engineering department has caused concerns in the security community.
Tripwire security researcher Ken Westin told V3 that the attack should act as a warning to other universities.
"This should be a wakeup call to other colleges and universities. It is rare that only one institution is hit or targeted by an active cyber espionage campaign," he said.
"Given that the group was targeting engineering departments I think it is clear that the group was after intellectual property that could be valuable or provide an economic edge."
Westin added that he expects further attacks targeting universities in the very near future.
"Many times there is deep collaboration between higher education and private industry to commercialise research," said Westin.
"Combine this with the fact that higher education generally lacks the resources to develop a strong security posture, and you can see why they would be a target for sophisticated attackers.
"I hate to be the harbinger of bad news, but I don't think this is the only breach like this. I think there are quite a few more than have been detected, as well as many that haven't."
The news follows concerns about the activities of potentially state-sponsored Chinese hacker groups.
The US Department of Defence reported uncovering evidence that China is developing dangerous cyber attack tools that could knock a nation's infrastructure offline using data stolen during high-profile hacks, such as the raid on Penn State, earlier in May.
Infected apps have been downloaded more than 50 million times
Customers of regular price-raising ISP and cable operator claim nationwide outages started on Monday
Pixel 2 smartphones and a Pixel-branded laptop also planned by Google
The moment you've all been waiting for...