Cyber Incident Victim: Midland University

On January 18, 2021, Midland University in Nebraska discovered a ransomware attack that encrypted files on its network. The university immediately initiated an investigation with third-party computer forensic specialists to assess the nature and scope of the incident and notified federal law enforcement. Attackers gained access to certain files on the same day, encrypting data and exfiltrating a subset of files. Midland's response focused on three priorities: securing compromised systems, restoring operational access to minimize disruption, and determining whether unauthorized data access or theft occurred. The forensic investigation confirmed the attackers downloaded files but did not establish immediate evidence of data misuse.

The compromised files contained personally identifiable information, including names, addresses, Social Security numbers, driver’s license or state identification numbers, and financial account details. Midland notified 645 Iowa residents whose data was specifically exposed, as reported to the Iowa Attorney General’s office. A broader impact was revealed in the university’s filing with the Maine Attorney General, indicating 13,716 individuals were potentially affected nationwide. Notification letters were issued approximately one year after the breach discovery, reflecting the absence of federally mandated notification deadlines under FERPA, unlike HIPAA’s 60-day requirement. The incident did not disrupt university operations due to rapid containment and restoration efforts. Midland did not disclose whether a ransom was paid or identify the responsible threat actor.