On Tuesday, June 23, 2020, an update on the May technology-based intrusion investigation was sent to faculty, staff, and students from Senior Vice President of IT and CIO Melissa Woo and College of Natural Sciences Dean Phillip M. Duxbury.
Dear MSU Faculty, Staff, and Students:
As you know, our Information Security team is working diligently with law enforcement partners on a comprehensive investigation into the technology-based intrusion the university experienced three weeks ago. In the spirit of our commitment to keeping our Spartan community informed on the developments of this ongoing investigation, we wanted to provide you with a brief update.
First, based on what we know now, no student information systems or financial systems were involved in the attack. This is consistent with our initial finding that the intrusion was limited to MSU’s Department of Physics and Astronomy — an academic unit isolated from the university’s administrative servers and systems that store this type of information.
Additionally, MSU IT has successfully recovered all data on the compromised file servers from existing backups and has completed its internal analysis of the files. During its review, MSU IT promptly contacted anyone still at MSU that may have been affected by the intrusion to provide them with appropriate mitigation measures. However, to ensure all individuals with personal information on those servers have been identified and notified, MSU IT has engaged a third-party expert to conduct a final review of all potentially exposed files. Following that review, MSU will provide the appropriate notifications as required by law to anyone with compromised personal information.
We know that this investigative work will conclude soon, however, we equally recognize that the worry for those affected by this intrusion won’t. That is why in addition to providing individuals with free ways to protect their personal information, MSU is finalizing an agreement to provide anyone impacted by this intrusion with identity protection services at no charge. Once this agreement is in place, those who were impacted will be notified once their services are active.
Finally, MSU IT and the Physics and Astronomy Department are taking additional measures to improve the information security configurations and controls for the Physics and Astronomy Department and implementing a return-to-service plan with enhanced security measures and on-going monitoring
We are taking this incident seriously and with the utmost consideration for anyone who is affected. And while this may have been an isolated incident, it reinforces the need for each of us to take precautions and be aware of risks when working online. Things like being aware of the possibility of phishing emails, creating effective passwords, using two-factor password authentication on devices and accounts whenever possible, and deleting files and data when you are done using them.
As always, we appreciate your continued patience and understanding as we work through this detailed investigation. If you have any questions, please contact our team members, who are standing ready to help: 517-355-1855.
Sincerely,
Melissa Woo, Ph.D., Senior Vice President for Information Technology and Chief Information Officer
Phillip M. Duxbury, Ph.D., College of Natural Sciences Dean