Email

Michigan State University Announces Third Party Data Breach That Could Affect MSU Community

Michigan Department of Attorney General
From Michigan Department of Attorney General <[email protected]>
Subject Michigan State University Announces Third Party Data Breach That Could Affect MSU Community
Date August 9, 2023 8:04 PM
  Links have been removed from this email. Learn more in the FAQ.
  Links have been removed from this email. Learn more in the FAQ.
Nessel Email Header




*FOR IMMEDIATE RELEASE:*

August 9, 2023




*Media Contact:
*Danny Wimmer <[email protected]>






Michigan State University Announces Third Party Data Breach That Could Affect MSU Community





*LANSING *- Michigan State University recently announced that third-party service providers National Student Clearinghouse (NSC) and Teachers Insurance and Annuity Association of America (TIAA) were affected by the recent MOVEit data breach, resulting in the potential exposure of MSU community members’ personal data. 

It is unknown if the hackers were able to access personal information. NSC and TIAA will provide the University a list of any students or retirees whose information may have been exposed and affected individuals will be individually notified. 

This large-scale data breach was conducted by a foreign-based ransomware group, known as “Clop”, who exploited a security flaw in the MOVEit Transfer software. Progress Software, which develops the MOVEit software, patched the vulnerability, but not before hackers compromised large numbers of its customers, including federal and state agencies, financial services organization, and numerous others. ‘Clop’ did not contact the organizations it had attacked, instead posting a blackmail message on the dark-web instructing victims to contact them directly.  

While the exact number is still unknown, it is approximated that over 500 entities and 30 million individuals in the United States have been impacted by the data breach. MSU reports that NSC created a webpage [ [link removed] ] for students to stay up to date, and that TIAA’s partner, Pension Benefit Information, LLC, created a similar site [ [link removed] ] for retirees to stay informed.   

Attorney General Nessel encourages Michigan consumers to take steps to protect their information. For more information, please read the Attorney General’s Consumer Alert Data Breaches, What to do Next [ [link removed] ]. 

“This was a global data breach that has reached over 500 entities and into the personal information of over 30 million Americans, and now it is confirmed to have crept onto campus at MSU,” said Nessel. “These kinds of attacks are becoming more common and wider reaching, and the broad community of MSU students, staff, and retirees should take very seriously any indication that their data was stolen. Any Michigan resident who believes their information might have been compromised or that they are the victims of identity theft can contact the consumer protection team in my office.” 

MSU information technology and security experts recommend employees, students and the public to take the following actions to best protect themselves during a breach:   


* Be aware of the possibility of phishing emails [ [link removed] ];   
* Create effective passwords [ [link removed] ];   
* Use multifactor authentication on devices and accounts whenever possible (this is already required for most MSU logins);
* Do not maintain data and files that are not needed; and
* Pull a free credit report annually. You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting the Annual Credit Report website [ [link removed] ] or by calling toll-free 877-322-8228.  

To file a complaint with the Attorney General, or get additional information, contact:

Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
517-335-7599
Fax: 517-241-3771
Toll-free: 877-765-8388
Online complaint form [ [link removed] ]

###






AG logo [ [link removed] ]





*Media Inquiries* <[email protected]>




*Latest Releases* [ [link removed] ]




*File a Complaint* [ [link removed] ]







________________________________________________________________________

Michigan Department of the Attorney General   Questions?
  Contact Us [ [link removed] ]

STAY CONNECTED: Visit us on Facebook [ [link removed] ] Visit us on Twitter [ [link removed] ] YouTube [ [link removed] ] Sign up for email updates [ [link removed] ]  

Bookmark and Share [ [link removed] ]

SUBSCRIBER SERVICES:
Manage Preferences [ [link removed] ]  | Help [ [link removed] ]

________________________________________________________________________

This email was sent to [email protected] using GovDelivery Communications Cloud on behalf of: Michigan Attorney General · G. Mennen Williams Building, 7th Floor · 525 W. Ottawa St., P.O. Box 30212 · Lansing, MI 48909 · 517-373-1100
Screenshot of the email generated on import

Message Analysis

The Archive of Political Emails is a project of Defending Democracy Together Institute. Please email [email protected] with any questions.