TD Bank is a service provider for the University of New Hampshire.
On January 16, an employee e-mailed a file containing 674 students’ names and bank account numbers to the university, but failed to e-mail them in adherence with security protocols. The recipient notified the bank immediately. The university maintains the bank account numbers of accounts that are authorized to receive refund transactions.
TD Bank has no indication that the data were intercepted or misused in any way, but at the University’s request, they notified all affected students electronically. The bank is also offering two years of free credit monitoring services to eligible students (affected students who are not minors).
You can read their notification here (pdf).
Update: Their notification to Maryland.