MSUToday
Published: June 3, 2020

MSU provides update on IT-based intrusion

Contact(s): Dan Olsen University Communications office: 517-884-8675 olsenda2@msu.edu

Michigan State University provided an update on its ongoing investigation into an isolated technology-based intrusion that compromised files within one of the university’s units.

The intrusion is believed to have occurred on Memorial Day and, within hours, MSU’s information technology teams were notified and took swift action to prevent further exposure, including taking the impacted servers and workstations offline and notifying the proper law enforcement agencies.

The intrusion was limited to one unit on campus – the Department of Physics and Astronomy. With the help of law enforcement, the university is in the process of identifying the information that was compromised and will notify individuals who may be impacted by the intrusion as soon as they are identified.

“First and foremost, our priority is determining what information was compromised and then working with anyone who may have been affected to provide them with the appropriate support,” said MSU Chief Information Officer Melissa Woo. “The safety and security of our IT systems and the people who use them are of paramount importance to MSU. It is why MSU continues to work diligently to strengthen and improve our information security systems and share best practices with our campus community.”

While the intruders have demanded ransom in exchange for not releasing the stolen information, MSU is heeding the guidance of its law enforcement partners and not paying the ransom.

“It is important to remember that these are criminal acts being carried out by individuals seeking nothing more than an opportunity to earn a quick buck at any person or entity’s expense,” said Kelly Roudebush, chief of the MSU Police Department. “Paying cyber-intrusion ransoms perpetuates these crimes and provides an opportunity for the group to live another day and prey upon another victim.”

MSU IT offered the following measures individuals can take to protect themselves when working online, including:

  • Being aware of the possibility of phishing emails;
  • Creating effective passwords;
  • Using two-factor password authentication on devices and accounts whenever possible; and
  • Deleting files and data when you are done using them.

Also remember to apply patches and updates to system as they become available.