Skip to main content
Cloudy icon
36º

Michigan State University announces third-party data breach which could result in exposure for community

Over 500 entities, 30 million individuals in US have been impacted by data breach

Michigan State University has been hit by a widespread data breach impacting hundreds of entities who use a particular software program, potentially exposing community members’ data.

Michigan officials announced Wednesday that third-party service providers National Student Clearinghouse and Teachers Insurance and Annuity Association of America were affected by the recent MOVEit data breach. The large-scale data breach was conducted by a foreign-based ransomware group called Clop, which reportedly exploited a security flaw in the MOVEit Transfer software.

Hackers were able to compromise large numbers of MOVEit software’s customers, including federal and state agencies, financial services organizations, and numerous others. No information has been revealed about whether the hackers could access personal information.

Officials say Clop, instead of contacting the organizations that it had hacked, posted a blackmail message on the dark web where they instructed victims to contact them directly.

It has been approximated that over 500 entities and 30 million individuals in the United States have been impacted by the data breach.

“This was a global data breach that has reached over 500 entities and into the personal information of over 30 million Americans, and now it is confirmed to have crept onto campus at MSU,” said Michigan Attorney General Dana Nessel. “These kinds of attacks are becoming more common and wider-reaching, and the broad community of MSU students, staff, and retirees should take very seriously any indication that their data was stolen. Any Michigan resident who believes their information might have been compromised or that they are the victims of identity theft can contact the consumer protection team in my office.”

Nessel has encouraged Michigan consumers to protect their information -- click here for ways to do that.

MSU information technology and security experts recommend employees, students, and the public take the following actions to best protect themselves during a breach:

  • Be aware of the possibility of phishing emails.
  • Use multifactor authentication on devices and accounts whenever possible (this is already required for most MSU logins).
  • Do not maintain data and files that are not needed.
  • Pull a free credit report annually. You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting the Annual Credit Report website or by calling toll-free 877-322-8228.

To file a complaint with the Attorney General, or get additional information, fill out on online complaint form here, or contact:

Consumer Protection Team

P.O. Box 30213

Lansing, MI 48909

517-335-7599

Fax: 517-241-3771

Toll-free: 877-765-8388


About the Author
Brandon Carr headshot

Brandon Carr is a digital content producer for ClickOnDetroit and has been with WDIV Local 4 since November 2021. Brandon is the 2015 Solomon Kinloch Humanitarian award recipient for Community Service.

Loading...