Data leak

Penn State University Computer Science Network Breach - APT (18,000 Individuals)

📅 2012-09-01
Incident Details

In May 2015, Pennsylvania State University disclosed that its College of Engineering computer network had been compromised by two separate sophisticated cyberattacks. One was attributed to state-sponsored actors based in China. The FBI had been investigating since at least November 2014 and notified Penn State. The university took the College of Engineering network offline on May 15, 2015, to contain the intrusion and remediate. One attack had reportedly been present since approximately September 2012, meaning the attacker had persistent access for over two years. Approximately 18,000 individuals (students, staff, and faculty) had data potentially exposed, including Social Security numbers and other personal information. The targeting of an engineering school with significant defense-related research contracts made this incident notable: the suspected motive was theft of technical research and intellectual property rather than financial fraud. Penn State brought in cybersecurity firm FireEye/Mandiant to assist with forensics and remediation. The incident highlighted the vulnerability of university research networks, which combine open academic culture with sensitive government-funded research.

Technical Details

Initial Attack Vector
Two separate nation-state APT intrusions: one attributed to China-based actors (active from approximately September 2012) and one from an unattributed threat actor; the attackers used sophisticated malware to gain persistent access to Penn State's College of Engineering network

Timeline

  1. 2012-09-01 Breach occurred
  2. 2015-05-15 Publicly disclosed
  3. 2015-05-15 Customers notified