Data breach hits MSU

On Friday afternoon, Michigan State University released a statement saying that “unauthorized users” were able to obtain access to a university database containing about 400,000 records, including names, social security numbers and MSU identification numbers.

The hacker or hackers (the university isn’t releasing that information yet) were able to get into the database sometime this past Sunday and the website was taken offline for 24 hours after the breach. Although the database contains information for over 400,000 current MSU students and alumni, the university is claiming that the hackers were only able to receive records for 449 people.

“At Michigan State University, we are committed to data and privacy protection,” according to the statement. “Regrettably, we were recently the target of a criminal act in which unauthorized users gained access to our computer and data systems. Information security is a top priority of our university, and we know the frustration this is causing members of our community.”

Jason Cody, a university spokesperson, says that the university is working with federal agents and an MSU computer forensics team to figure out who all was behind the breach. The news was released to the public on Friday afternoon because MSU needed time to contact those who were affected.

The breach contained records for all faculty and staff employed by the university between 1970 and Nov. 13, and all students who attended the university between 1991 and 2016.

Starting Tuesday, Nov. 22, the university is offering to pay for up to two years of identity theft protection, fraud recovery, and credit monitoring for affected individuals. For details on these services, visit this website.

This story will be updated as more information becomes available.