Cyber Incident Victim: Mott Community College
Date: Nov 2020
Location: United States of America
Summary
Mott Community College experienced a data security breach involving unauthorized access to its systems, during which files were exfiltrated from one of its networks. The compromised data potentially included information related to the institution’s self-insured dental plan. The breach was discovered following an investigation, prompting the college to address the incident and secure its systems.
Description
Mott Community College experienced a data security breach involving unauthorized access to its systems between November 27, 2020, and January 9, 2021. The intrusion was discovered on January 23, 2021, when the college determined that an external actor had transferred files from one of its systems outside the network. These files potentially contained information related to the institution's self-insured dental plan. The college publicly addressed the incident in a March 24, 2021 announcement, confirming the breach timeline and data exposure. No specific details were provided regarding the number of affected individuals or the exact nature of the compromised dental plan information. The breach window spanned approximately six weeks before detection, indicating sustained unauthorized access to college systems.

Following discovery, Mott Community College initiated an investigation to assess the breach scope and impact. The institution secured its systems and implemented corrective measures to address the security vulnerability that permitted unauthorized access. While the college confirmed data exfiltration occurred from a specific system housing dental plan records, no evidence suggested broader compromise of academic or financial systems. The March 24 announcement served as the primary public notification, though the college did not disclose whether affected individuals received direct notifications or if regulatory agencies were formally informed. No information was provided regarding forensic methodology, attacker identification, or specific security controls implemented post-incident.
