Michigan State University has experienced a data breach, which it said took place on November 13th.
It is believed that ‘only 449’ people are thought to have been compromised, after an unauthorized party gained access to its database (which contains over 400,000 records).
The information exposed by the data breach includes the names, social security numbers and university identification numbers of past and present students and employees.
Within 24 hours of the data breach, the records were taken offline, the university confirmed.
MSU President Lou Anna K. Simon issued a statement about the breach, which can be read here.
At Michigan State University, we are committed to data and privacy protection. Regrettably, we were recently the target of a criminal act in which unauthorized users gained access to our computer and data systems. Information security is a top priority of our university, and we know the frustration this is causing members of our community.
We have a deep sense of obligation to our MSU family, and we are taking aggressive action to protect any personal information that may have been compromised. Only 449 records were confirmed to be accessed within the larger database to which unauthorized individuals gained access. However, as a precaution, we will provide credit monitoring and ID theft services for any member of our community who may have been impacted by this criminal act. We also will continue to work diligently in our efforts to protect the integrity of our data systems and improve the security of information that is entrusted to us.
The university has also assured worried students, staff and alumni that the database did NOT contain other highly sought after sensitive information, such as passwords and financial or medical information.
The university is working on improving the security on campus, while offering individuals on the database two years of free identity theft protection, fraud recovery and credit monitoring.
Universities are increasingly under attack from cybercriminals, which can cause all sorts of problems.
For example, earlier this year, the University of Calgary suffered a ransomware attack.
As a result, it decided to pay the ransom of $20,000 CND, which most experts do not recommend.