Consulting Firm Data Breach Impacts MSU

Consulting Firm Data Breach Impacts MSU

Michigan State University (MSU) has been impacted by a data breach stemming from a cyber-attack on an Ohio law firm.

360 Mobile Vision - 360mobilevision.com North & South Carolina Security products and Systems Installations for Commercial and Residential - $55 Hourly Rate. ACCESS CONTROL, INTRUSION ALARM, ACCESS CONTROLLED GATES, INTERCOMS AND CCTV INSTALL OR REPAIR 360 Mobile Vision - 360mobilevision.com is committed to excellence in every aspect of our business. We uphold a standard of integrity bound by fairness, honesty and personal responsibility. Our distinction is the quality of service we bring to our customers. Accurate knowledge of our trade combined with ability is what makes us true professionals. Above all, we are watchful of our customers interests, and make their concerns the basis of our business.

Bricker & Eckler LLP, which is associated with MSU Title IX contractor INCompliance Consulting, was hit with ransomware in January 2021. 

An investigation into the incident determined that an unauthorized party gained access to certain Bricker internal systems at various times between approximately January 14 and January 31.

“Findings from the investigation indicate that the party obtained some data from certain Bricker systems during this period,” said the law firm in a data security incident notice.

“Bricker was able to retrieve the data involved from the unauthorized party and has taken steps to delete the data. At this time, Bricker has no reason to believe this data was further copied or retained by the unauthorized party.”

Data that may have been exposed in the attack includes names, addresses, and in certain instances medical-related and/or education-related information, driver’s license numbers, and/or Social Security numbers.

Lansing State Journal reports that the cyber-attack on Bricker resulted in the exposure of Title IX case information belonging to nearly 350 people at MSU. 

In a letter sent this week to faculty, students, and staff, MSU wrote: “A limited number of individuals, some of whom are no longer affiliated with MSU, may have been impacted. Those individuals have been contacted and connected with the proper resources.”

MSU hired INCompliance in 2019 to investigate and resolve complaints regarding sexual misconduct, relationship violence, and discrimination.

The university said that the cyber-criminals who attacked Bricker had stolen documents from MSU cases handled by INCompliance. Among the documents were investigation reports, scheduling emails, and final determinations. 

“INCompliance is the entity that we work with on some of those external investigations,” said Michigan State’s Title IX communications manager, Christian Chapman.

“Bricker and Eckler is their parent company or law firm, so to speak.”

Chapman said that the personal data of six people involved in MSU investigations had been leaked in the data breach. 

“Our systems are secure and have not been impacted,” said Chapman. “And it will not impact any cases that are happening on MSU’s end.”

By admin