Steven Ragan at CSO writing about about Penn State was hacked purportedly by Chinese attackers according to forensics and analysis conducted by Mandiant:
Last November, university officials explained, the school was contacted by the FBI and alerted to an attack of “unknown origin and scope” on the College of Engineering network. Shortly after the FBI alerted the school to the problems, they contacted Mandiant in order to hire FireEye to help with internal investigations.
“The investigation revealed the presence of two previously undetected, sophisticated threat actors on the college’s network. Mandiant has confirmed that at least one of the two attacks came from a threat actor based in China, which used advanced malware to attack systems in the college. The investigation has revealed that the earliest known date of intrusion is September 2012,” the school’s statement continued.
The investigation so far has turned up nothing to suggest that PII (e.g. Social Security Numbers) or financial data was compromised. However, there has been evidence that a number of usernames and passwords issued by the College of Engineering were compromised during the attack.
Considering how the malicious actors targeted the Penn State college of Engineering, I think it is safe to say they were after intellectual property and other similar data. The primarily goal of this attack undoubtedly was not to steal PII but to exfiltrate university engineering related IP.
Because of how university networks are, generally speaking, fairly open networks, attacks like this are only going to increase as China, and other developing nations with sophisticated computer network operations skills, look to strengthen their industrial capabilities.
Disclaimer: I work for Intel Security, a FireEye/Mandiant competitor.