Michigan State University

Michigan State University, headquartered in the United States, experienced a significant cybersecurity incident in 2016 involving unauthorized access to a server containing records of faculty, staff, and students. The breach exposed a database with approximately 400,000 records, including names, Social Security numbers, identification numbers, and some dates of birth for individuals employed or enrolled over several decades. The attacker stole records for 449 specific individuals before the university took the system offline within 24 hours. The perpetrator demanded payment, which the institution declined. Following the breach, Michigan State University notified affected parties and provided two years of complimentary identity theft protection and credit monitoring services. No passwords, financial details, or health information were compromised in this incident. The university's response included immediate system isolation and support for those impacted, though the long-term implications for data security were not detailed publicly.

Subsequently, on May 28, 2020, Michigan State University was targeted by the NetWalker ransomware gang, which encrypted files on campus systems and issued a one-week deadline for an undisclosed ransom payment. The attackers threatened to publish stolen documents, including student passports and financial records, on their dark web site if demands were not met, and later released samples as evidence of the compromise. The full impact of this attack remained unclear due to reduced on-campus operations during the COVID-19 pandemic, though it risked sensitive data exposure and potential disruption to internal systems. Unlike the 2016 breach, Michigan State University did not publicly comment on the ransomware attack or its response measures. The incident highlighted ongoing cybersecurity challenges for the institution, with the NetWalker gang's actions demonstrating a shift toward data exfiltration and public shaming tactics in ransomware campaigns.