MSU CAMPUS — The Michigan State University Office for Civil Rights says they’re working with a third-party vendor as well as the people impacted by a January data breach that compromised sensitive Title IX and anti-discrimination files.
“What we will do and will continue to do is work with Bricker. If there are any new developments, we learn anything new, we will be transparent with the community, we will again reach out to individuals who may have been impacted,” Associate Vice President of MSU’s Office for Civil Rights Tanya Jachimiak said.
Bricker & Eckler is the law firm affiliated with MSU’s external investigations and resolutions officers through INCompliance Consulting. The firm says they were targeted in a ransomware attack earlier this year but were able to retrieve all stolen data. INCompliance Consulting conducts external investigations into matters relating to Title IX compliance and the university’s anti-discrimination policy.
“Their ransomware attack affected files well beyond MSU. In terms of Bricker Eckler, they have assured us their security is locked down,” Jachimiak said.
A ransomware attack uses malicious software to block a victim from accessing their files. Its name comes from the ransom usually demanded for their return.
Elizabeth Abdnour is an attorney and a former Title IX investigator at MSU.
Abdnour was informed about the breach when one of her clients received an email that her information had been impacted.
“The email that my client received assured her that her Social Security number and her driver's license hadn't been released, but didn't provide her with any information about what had been released,“ Abdnour said.
As a former investigator for the university, Abdnour said the risk of such personal information being impacted by the breach made her reach out both to individual investigators and the university to see what information was impacted.
“So those reports include, you know, the names and identities of survivors, as well as people who have been named as perpetrators, anybody who might have been named as a witness, and they include very detailed descriptions of what occurred,” Abdnour said.
Abdnour said she's slated to speak with the university and investigators from INCompliance consulting Friday. She's offering to request information for anyone else impacted by the ransomware attack.
UPDATE: MSU & InCompliance reached out to me and I have a call scheduled with @MCarletonOhio & her colleague tomorrow. If anyone-even non-clients-has questions about their info, please feel free to email me at firstname.lastname@example.org & I would be happy to ask about your case. https://t.co/1c62vhAPg7— Elizabeth Abdnour (@lizabdnour) April 8, 2021
The university’s Office For Civil Rights hopes that anyone impacted uses the confidential resources available to them or reaches out to the office directly with any questions.
“I can tell you that we sent out over 300 individualized emails to persons who may have been impacted,” Jachimiak said. “Anyone who has questions may contact me directly” at OCR.email@example.com.
Want to see more local news ? Visit the FOX47News Website.
Stay in touch with us anytime, anywhere.
Sign up for newsletters emailed to your inbox.
Select from these options: Breaking News, Severe Weather, School Closings, Daily Headlines and Daily Forecasts.