Michigan State University spokesman Jason Cody tell us that the hacker or hackers asked the university for money.
Cody did not say how much money the hacker or hackers asked for, but did say that MSU did not pay it.
Michigan State University has confirmed that on November 13, there was a data breach by an unauthorized party of a university server that contained sensitive data.
The database, which contained about 400,000 records, included names, social security numbers and MSU identification numbers of some current and former students and employees. It did not contain passwords or financial, academic, contact or health information.
Only 449 records have been confirmed to have been accessed by the unauthorized party. The database affected by the breach was taken offline within 24 hours of the unauthorized access. MSU says their IT team quickly found the cause of the breach, and the MSU Police Department is working with federal law enforcement agencies to investigate.
MSU says there is no evidence that the breach affected any other records, but they are reaching out directly to all the people who may be affected by the breach to offer free credit monitoring.
The 400,000 records that were on the server include faculty, staff, and students who were employed by MSU between 1970 and Nov. 13, 2016, or were students between 1991 and 2016.
MSU Police are asking any current and former students and employees to watch their personal and financial information for potential fraud or incidents of identity theft. They ask anyone who notices suspicious or unauthorized activity to police immediately, referencing MSU Police incident report 1658103881.
MSU says they are working with national experts to improve campus security, and IT officials are also speeding up plans to implement MSU's plan for increased security.
Questions about the data breach should be directed to https://www.msu.edu/datasecurity or toll free at 1-855-231-9331.