Michigan Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Michigan.jpg
 

Public Safety

Metro Detroit police departments targeted in ransomware attacks, Wayne County

Breach Type – Phishing, Ransomware

FOX 2 Detroit News
February 3rd, 2023
  • "Multiple Wayne County police agencies were targeted on Friday in a ransomware attack but were able to thwart a data breach thanks to quick actions.”
  • "The details of what agencies were impacted and when by a cyberattack are still emerging, but Wyandotte Police Lt. Neil Hunter said they noticed a lot of phishing emails this week sent to officers and city workers.”
  • ”According to Hunter, a records management system that supports several downriver police agencies was hit with malware. They're still determining which departments all had to deal with the mess but FOX 2 has learned that servers had to be shut down temporarily to fix the issue.”
  • ”(It) made things a little painful for us for a minute, but they were really quick with their response in taking care of the issue. We’re back full running normally," Hunter said. The good news is that this was not a data breach. "Our IT identified it rather quickly. They took care of the problem before it became a bigger problem," Hunter said.
Read More

 
Police investigating ransomware attack against MiTCON, Midland County

Breach Type – Unkown, Ransomware

OurMidland.com
October 24th, 2022
  • “Midland Police Department is conducting an investigation along with other law enforcement agencies after a ransomware attack took place Thursday, Oct. 20 against the Midland Information Technology Consortium."
  • ”MiTCON serves 85 non-profit organizations and small businesses with 800 computers in the Midland area. It is a wholly-owned subsidiary of the Midland Business Alliance.”
  • “Warren said the perpetrator of the ransomware attack did not demand a specific amount of money. Once the MiTCON network is restored to full operation, the organization will turn over the relevant data that investigators need for the ransomware investigation.”
Read More

 
Emergency Warning Sirens System, Genesee County

Breach Type - Hacking, Other

NBC 25 News
August 1st, 2018
  • County experienced repeated false alarms set off by emergency sirens
  • Emergency siren manufacturer could not identify internal problems
  • 911 board determined to identify hackers through ongoing investigation
Read More

 
BACK TO TOP

Local Government

Webster Township makes changes after being hacked, Washtenaw County

Breach Type – Phishing, Ransomware

The Sun Times
April 7th, 2022
  • “In an April 7 message to the community, Webster Township Supervisor John Kingsley said, on “March 19, 2021, Webster Township received a ransomware attack.”
  • “The hackers were able to access our Microsoft Exchange server,” Kingsley said. “We immediately removed the server from our system. The server is replaced and we have many changes in place: 1) a new website 2) all new email via Microsoft 365 3) all new anti-virus and anti-ransomware software.”
  • “Webster Township has used off-site backup of their server for many years; “therefore, the new server was programmed back to the March 18 with all data intact.”
Read More

 
Allegan County informs employees of 'social engineering' data phishing schemes, Allegan County

Breach Type – Phishing, Data Breach

Holland Sentinel
February 18th, 2022
  • "Allegan County officials have notified more than 560 county employees that personal information on their W-2 forms was compromised in a data breach."
  • “An employee, through a social engineering scheme, mistakenly allowed access to personal information of employees to an unknown third party."
  • “The information believed to have been breached is the information contained in employees' W-2 tax forms. This information includes wages, addresses, names and social security number digits."
  • “At this time, there is no evidence any of your personal information has been misused."
Read More

 
City of Mount Pleasant, Isabella County

Breach Type – Unknown, Ransomware

NBC 25 news
October 12th, 2020
  • In recent public announcement Mount Pleasant reveals cyber attack on systems
  • No ransom was paid and firewalls remain secure however phone and computer systems were affected
  • It is believed that no sensitive information was exposed at this time
Read More

 
City of Detroit & Detroit Water & Sewage Department, Wayne County

Breach Type – Phishing, Data Breach

The Detroit News
January 23rd, 2020
  • Sensitive email accounts were accessed during cyberattack
  • Officials believed as few as 10 accounts were affected
  • It was believed that nearly 300 customers had leaked information
Read More

 
Ingham County Computer Systems, Ingham County

Breach Type – Unknown, Malware

Valiant News
November 16th, 2019
  • County government computers hit in cyberattack
  • Bad actors possibly accessed plethora of private information
  • Officials unsure if bad actors could affect federal elections
Read More

 
Genesee County Government

Breach Type - Ransomware

WNEM
April 2nd, 2019
  • Servers were hacked and completely shut down following a ransomware type virus
  • The attack had to be isolated to prevent further encryption of data
  • Public servers were not impacted as this was mostly an internalized attack
Read More
Grand Blanc View
April 11th, 2019
  • The attack was originally discovered on April 2nd that is still persisting today
  • Systems including vital information are still inaccessible
  • Hackers have made a $4 million demand
Read More

 
Genesee County Government

Breach Type - Ransomware

WNEM
April 2nd, 2019
  • County servers were hacked and completely shut down following a ransomware attack
  • The attack was isolated and IT were able to arrest any further encryption of data
  • Most of the attack was internal therefore leaving public sectors to normal operations
Read More

 
Kent County Community Mental Health Authority of Michigan (dba as Network180), Kent County

Breach Type - Phishing, Data Breach

Data Breaches
January 8th, 2019
  • Breach of protected health information potentially affected 2,200 clients
  • Bad actors gained access to Network 180 encrypted e-mail accounts through a phishing scheme
  • 3 staff members had their accounts compromised after receiving the fake emails
  • Mass password resets implemented, and thorough investigation conducted as additional safeguard to protect against further attacks
Read More

 
Shiawassee County Financial Administrator, Shiawassee Co.

Breach Type - Phishing

Argus Press
June 1st, 2018
  • County financial administrator fell victim to elaborate spear-phishing scheme
  • Hackers stole $50,000 from Shiawassee county
  • Financial administrator resigned after cyber incident
Read More
Detroit News
June 2nd, 2018
  • An official resigned after falsely wiring $50,000 to hackers
  • She believed she was emailing another county official about the bill
  • It is unlikely that insurance will cover the losses
Read More

 
City of Ferndale

Breach Type - Phishing/Email Spoof

Patch
March 7th, 2018
  • Head of City's building department falls victim to phishing scam
  • Hackers use account to forward malicious emails to residents
  • City warns residents that email account was compromised
Read More

 
Washtenaw County

Breach Type - Phishing/Hacking

U.S. Department of Justice
December 1st, 2017
  • 27 yr old man (Konrad Voits) pleads guilty to access & damage of Washtenaw Co. Gov. Computer system
  • Phishing scheme included emailing and phone calls to county employees
  • Gained access and compromised all login information of past and present employees
  • Accessed county jail records, changed inmate's release date to an earlier date
  • Ultimately inmate was not released early
  • Investigation & clean-up of breach cost Gov. $235,488+
Read More
Detroit Free Press
April 26th, 2018
  • Hacker sentenced to 7 years in federal prison
  • Hacker accessed private records of over 1, 600 county employees
  • When double-checking records manually employee noticed alterations, ultimately thwarting hacker's wrong doings
Read More

 
Genesee County

Breach Type - Email Spoof

NBC 25
August 2nd, 2017
  • County email of single employee, hacked by Russians
  • Sent out vulgar messages through John Gleason’s account
  • County believes this was an isolated incident
Read More

 
Mackinaw City

Breach Type - Hack

9&10 News
June 26th, 2017
  • Part of Islamic Union test hacks of government websites
  • Hacked with pro-Islamic State messages
  • No breach of data
  • No personal data compromised
  • IT department restored website within a few hours
Read More

 
Lansing Board of Water & Light

Breach Type - Ransomware

Daily KOS
April 27th, 2016
  • Attack did not affect electricity and water supply
  • Customer data not affected or compromised
  • Computer systems and telephone networks down for Water & Light Employees
Read More
Lansing State Journal
November 11th, 2016
  • Ransomware infected via email attachment
  • BWL paid $25,000 ransom to unidentifiable foreign hackers
Read More

 
BACK TO TOP

Medical

Northeast Surgical Group notifies 15,298 patients of a HIPAA breach, but doesn’t tell them their information has been dumped., Macomb County

Breach Type – Unknown, Data Breach

DataBreaches.net
March 7th, 2023
  • “Northeast Surgical Group (“NESG”) is notifying individuals whose information may have been involved in a data incident. At this time, NESG does not have any evidence to indicate that any personal information has been or will be misused as a result of this incident."
  • “On January 8, 2023, NESG detected suspicious activity within its network environment. Upon discovery, NESG immediately engaged a law firm specializing in cybersecurity and data privacy to investigate further. Additionally, NESG engaged third-party forensic specialists to assist NESG in its analysis of any unauthorized activity."
  • "The investigation concluded on February 13, 2023. While the potentially impacted information varies by individual, the investigation concluded that certain personal information – including name, address, Social Security number, and, in some cases, date of birth and medical and treatment information – were accessed by an unknown party that is not authorized to handle or view such information.”
Read More

 
University of Michigan Health public websites hit by pro-Russian cyberattack, Washtenaw County

Breach Type – Hacking, DoS

Free Press
January 30th, 2023
  • "University of Michigan Health experienced problems with its public websites Monday as a result of a cyberattack on a vendor, according to a statement from the hospital system."
  • ”The problems are among other reports of similar cyberattacks at hospital systems around the United States and in other countries that have agreed to provide tanks to Ukraine, which was invaded by Russia nearly a year ago."
  • "Killnet is a pro-Russia hacking group known for its cyberattacks, primarily on European governments and infrastructure. They commonly use “denial of service” attacks to disrupt business, Politico reported previously."
  • ”University of Michigan Health has been experiencing intermittent problems with its public websites as a result of a cyberattack on a third-party vendor we use to host some of our sites. We are working with the third party to mitigate it and expect to have our sites fully functional as soon as possible,” according to the statement from spokeswoman Mary Masson.
  • “Patients can still access the patient portal via myuofmhealth.org.” By late afternoon, Masson said the problems were intermittent.
  • ”Free Press reporters tried to access the public websites for the University of Michigan Health and Mott Children’s Hospital Monday morning, but they wouldn’t load. Reporters saw messages that the sites couldn’t be reached. Another attempt showed a website with a plain page and links at the top. Cybersecurity tracker BetterCyber tweeted Monday that the hospital and health system websites were among several U.S. health care organization and hospital websites for which disturbed denial of service (DDoS) attacks were launched by the pro-Russian hacktivist group KillNet.”
Read More

 
Michigan Medicine Notifies 33K Patients of Phishing Attack, Washtenaw County

Breach Type – Phishing, Data Breach

Health IT Security
October 28th, 2022
  • “Michigan Medicine notified 33,850 patients of a phishing attack that may have exposed their health information. A cyber attacker targeted Michigan Medicine in August 2022 with a scam that lured employees to a webpage that got them to enter their login information.”
  • "As a result, four Michigan Medicine employees entered login information and accepted multifactor authentication prompts, enabling the attacker to access their email accounts. Michigan Medicine said it immediately disabled the accounts upon discovery. “No evidence was uncovered during the investigation to suggest that the aim of the attack was to obtain patient health information from the compromised email accounts, but data theft could not be ruled out,” the notice stated.”
  • ”Some email accounts contained patient names, addresses, birth dates, treatment information, medical record numbers, and health insurance information. “Patient privacy is extremely important to us, and we take this matter very seriously. Michigan Medicine took steps immediately to investigate this matter and is implementing additional safeguards to reduce risk to our patients and help prevent recurrence,” Jeanne Strickland, Michigan Medicine chief compliance officer, said in the statement.”
Read More

 
Detroit Health Department Provides Notice of Data Security Incident, Wayne County

Breach Type – Unknown, Data Breach

DataBreaches.net
October 8th, 2022
  • “The Detroit Health Department is notifying specific individuals about a recent security incident involving the unauthorized release of private client information. Upon learning of this issue, we worked to mitigate the threat of any continued breach and sought assistance from external security professionals.”
  • "On May 12, 2022, it was discovered that protected health information was compromised as a result of an unauthorized disclosure in our office. To the best of our knowledge and belief, information was improperly disclosed to a third party which information contained names, address, dates of birth, contact information, gender, race, marital status, household size, and participation status in certain Detroit Health Department programs. This incident does not affect all Detroit Health Department clients.”
  • ”Notified individuals are being provided with best practices to protect their information, including but not limited to monitoring their credit information. The Detroit Health Department is fully committed to maintaining the private and personal information in its possession and have taken many precautions to safeguard it. For the individuals who have questions or need additional information regarding this incident, please call our toll-free number at 1-833-242-6019.”
Read More

 
120K Priority Health Members Impacted by Third Party Data Breach, Kent County

Breach Type – Unknown, Data Breach

Health IT Security
August 10th, 2022
  • “Priority Health issued a notice about a third-party data breach that originated at the law firm Warner Norcross & Judd (WNJ) in October 2021."
  • "WNJ took steps to secure its network and notified Priority Health of the incident on June 6, 2022. The incident impacted approximately 120,000 Priority Health members."
  • "Although there has been no evidence of misuse, the unauthorized party potentially accessed first and last names, pharmacy and claim information, drug names, and prescription dates from certain prescriptions filled in 2012."
Read More

 
McKenzie Health System addresses data security breach, Sanilac County

Breach Type – Hacking, Data Breach

Sanilac County News
May 11th, 2022
  • “McKenzie Health System has announced letters are being mailed to some patients whose information may have been involved in a data security incident that disrupted the operations of some information technology systems."
  • "McKenzie Health System of Sandusky first identified the hacking incident on March 11, and immediately took steps to secure its systems, launched an investigation with the assistance of a third-party forensic investigator, and notified law enforcement."
  • "The investigation determined that an unauthorized party accessed the IT systems of McKenzie Health System and removed some files. McKenzie Health System then initiated a review and analysis of those files to determine what information they contained."
  • "On April 22, McKenzie determined that the files contained information belonging to some patients, including names, contact information, demographic information, dates of birth, Social Security numbers, diagnosis and treatment information, prescription information, medical record numbers, provider names, dates of service, and/or health insurance information."
Read More

 
Michigan Medicine officials say nearly 3,000 affected in data breach, Washtenaw County

Breach Type – Hacking, Data Breach

Detroit News
March 4th, 2022
  • "Michigan Medicine is warning nearly 3,000 of its clients that some of their private information may have been accessed by computer hackers."
  • "Michigan Medicine took steps immediately to investigate this matter and is implementing additional safeguards to reduce risk to our patients and help prevent (a) recurrence."
  • "They said an employee's email account was compromised on Dec. 23 in a cyberattack and used to send out other emails. The employee did not know about the compromise until suspicious activity on Jan. 6."
  • "Officials found the compromised email contained patient information such as names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health insurance information. They said no social security numbers, credit card, debit card or other financial account information was found."
Read More

 
Michigan Clinics Pay Hackers' ransom to unlock patients' financial files, Monroe County

Breach Type – Hacking, Data Breach

Becker Hospital Review
September 21st, 2021
  • "Carleton-based Family Medical Center of Michigan began notifying patients this month that their financial information was exposed by hackers during a ransomware attack"
  • "A group of hackers based in Ukraine targeted the medical center and encrypted its financial files, which prevented employees from accessing up to 15,000 patients' financial information."
  • "Family Medical Center of Michigan paid the hackers' $30,000 demand to unlock the files...The hackers took two weeks to get FMC the digital key to unlock the files"
  • "FMC discovered its network had been compromised when employees noticed that they were able to access payment information and records of its patients. Shortly after finding this out, the hackers contacted FMC and made their ransom demand"
Read More

 
Accellion breach exposed data from patients at major Michigan hospital system, Oakland County

Breach Type – Hacking, Data Breach

CyberScoop
August 31st, 2021
  • "A major Michigan hospital system on Friday notified roughly 1,500 patients that their information may have been exposed as a result of a hack against file-sharing service Accellion."
  • "that impacted patient health data included patient name, procedure name, physician name, internal medical record number and dates of service. No patient financial information was impacted,"
  • "Cybercriminals exploited multiple vulnerabilities in Acellion’s software late last year, allowing them to infiltrate the company’s file-sharing tool to gather information from the company’s customers. The group unleashed a wave of extortion attempts against victims in late January, threatening to share their stolen data if they didn’t pay up."
Read More

 
Total Health Care, Wayne County

Breach Type – Phishing, Data Breach

Becker's Hospital Review
April 6th, 2021
  • Data of 221,454 individuals compromised
  • Compromised information includes, but is not limited to, SSNs, birth dates, and addresses.
  • Total Health Care has hired cyber security experts to increase its defenses and has provided further cyber hygeine training to its employees
Read More

 
Trinity Health, Wayne County

Breach Type – Hacking, Data Breach

Becker's Hospital Review
April 6th, 2021
  • Data compromised in a cyber attack on a vendor in January 2021
  • Compromised information includes names, birth dates, medical record numbers, lab results, payer names, and some SSNs and credit card numbers
  • Trinity Health is offering credit monitoring and identity theft resources to those affected
Read More

 
Mendelson Kornblum Orthopedic and Spine Specialists, Macomb County

Breach Type – Unknown, Data Breach

Data Breaches
March 20th, 2021
  • Limited health information was left vulnerable on one of the practice's servers for an unknown amount of time
  • Potentially compromised information includes patient name, medical record number, date of birth, patient sex, and certain information regarding medical images
  • Mendelson Kornblum has notified potentially affected patients and encourages them to monitor their account statements and credit reports with vigilance
Read More

 
Saint Alphonsus Health System and Saint Agnes Medical Center, Wayne County

Breach Type – Hacking, Data Breach

Becker's Hospital Review
March 5th, 2021
  • A public statement confirmed that a data breach scam had expised patients personal information
  • An employee email account began to have unusual activity that prompted investigations
  • The compromised account was used exposing names, addresses, birth dates, medical record numbers, billing details, and Social Security numbers
Read More

 
Covenant HealthCare, Saginaw County

Breach Type – Hacking, Data Breach

News Channel 21
February 24th, 2021
  • Two employee email accounts compromised following cyberattack
  • Names, addresses, dates of birth, Social Security numbers among compromised data
  • Patients that were victims of the attack have been notified by the healthcare provider
Read More

 
Hackley Community Care, Muskegon County

Breach Type – Phishing, Data Breach

Becker's Hospital Review
February 18th, 2021
  • 2,500 patients had personal and health information compromised
  • Bad actors utilized sophisticated phishing scheme
  • Officials believed that personal data had not been viewed or used
Read More

 
Dickinson County healthcare system, Dickinson County

Breach Type – Unknown, Ransomware

TV 6
October 19th, 2020
  • Dickinson County healthcare systems in the process of a confidential investigation following ransomware attack on Saturday
  • Once the unauthorized access was discovered the hospital took utmost precautions to shut down the system and then attempt to isolate the threat
  • There is no evidence showing that information was accessed or compromised by bad actors
Read More

 
Trinity Health, Wayne County

Breach Type – Unknown, Data Breach

PR Newswire
September 14th, 2020
  • Healthcare provider was among numerous victims of data breach
  • Officials launched investigation to assess total damage from cyberattack
  • Names, addresses, email information, and dates of birth were among leaked information
Read More

 
Spectrum Health, Kent County

Breach Type – Unknown, Data Breach

Becker's Hospital Review
September 3rd, 2020
  • Spectrum Health was also a victim of large scale Blackbaud breach
  • Blackbaud notified many organizations of exposure that bad actors had gained access between Feb. and May
  • The bad actors were able to access a backup server taking donor and patient information, Blackbaud believes that the information is not being misused
Read More

 
Beaumont Health Systems, Macomb County

Breach Type – Phishing, Data Breach

Detroit Free Press
July 28th, 2020
  • Six email accounts were accessed by unauthorized bad actors in phishing scheme
  • IT personnel conducted an intensive several month long investigation
  • Patient names, dates of birth, and medical diagnosis information were leaked
Read More

 
Beaumont Health, Wayne County

Breach Type – Hacking, Data Breach

Health IT Security
April 21st, 2020
  • 114,000 patients of healthcare provider were notified of data breach
  • Bad actors accessed numerous employee email accounts
  • Names, account numbers, other sensitive data were accessed during cyberattack
Read More

 
Munson Healthcare, Grand Traverse County

Breach Type - Phishing, Data Breach

Data Breaches
February 28th, 2020
  • Healthcare employee email breached during cyberattack
  • Names, birthdates, insurance information likely leaked
  • Credit monitoring offered to individuals affected
Read More

 
Brookside ENT and Hearing Center, Calhoun County

Breach Type - Ransomware

WWMT
March 29th, 2019
  • Demands of around $6,000 were made after systems were completely locked up
  • The ransom was not paid due to uncertainty of claims and if data would truly be restored
  • No information was copied but simply deleted leading doctors to simply resign instead of rebuilding the practice
Read More

 
Wolverine Solutions Group, Wayne County

Breach Type - Unknown, Ransomware

WLNS
March 6th, 2019
  • Following an attack, thousands of patients from Sparrow Hospital received notices from WSG
  • WSG handles hospital billing and was the victim of a Ransomware attack
  • The company (WSG) states there is no evidence that personal information was compromised
Read More

 
Sacred Heart Rehabilitation Center, Macomb County

Breach Type - Phishing, Data Breach

DataBreaches
January 10th, 2019
  • Private patient data potentially exposed
  • Unknown how many people affected
  • Hackers used compromised email account
Read More

 
The Holland Eye Surgery & Laser Center, Grandville – Kent Co.

Breach Type - Hack

DataBreaches
June 2nd, 2018
  • Hacker stole & extorted data from Michigan practice since 2016
  • Held private patient information for ransom
  • Sold data on the dark web
  • Practice discovered data breach two years after it started
Read More

 
Bronson Healthcare Group

Breach Type - Phishing

Michigan Live
January 5th, 2018
  • Phishing scam on Bronson email system could have exposed information of 8,256 patients
  • Medical records of patients never at risk
  • Bronson Healthcare notified patients two months after incident took place
Read More

 
Caro Community Hospital, Caro Medical Clinic, Caro Quick Care

Breach Type - Ransomware

WNEM
July 17th, 2017
  • Ransomware shuts down all electronics, causing significant disruption to hospital production
  • Cybercriminals demand $120,000 for decryption key
  • Staff immediately adapted to paper documentation, providing best care possible to patients
  • Personal patient information was not compromised
Read More

 
BACK TO TOP

Education

Lansing Community College suspends most classes for 'ongoing cybersecurity incident', Ingham County

Breach Type – Unknown, Ransomware

Lansing State Journal
March 15th, 2023
  • "Lansing Community College is suspending nearly all classes and all activities and asking students and most employees not to work or log into the college's systems or come to campus the rest of the week of March 12-17. Most classes are canceled for Thursday and Friday due to an ongoing cybersecurity incident."
  • "The school said the FBI and the Michigan Cyber Command Center are involved."
  • ”We have disconnected from the network and internet while we determine the nature and scope of the incident and determine our next steps," a spokeswoman for the college said. "To be transparent: We do not know everything yet, and communication is going to be very challenging once we disconnect from the network. We will continue to put out messages as best we can on this Twitter account, and communicate with our local media outlets."
Read More

 
Hope Hit with $5M Class Action Lawsuit Over Data Breach, Ottawa County

Breach Type – Unknown, Data Breach

WHTC.com
December 28, 2022
  • ”The Holland Sentinel is reporting in Wednesday’s editions that class-action status has been requested by plaintiff Jennie DeVries of Holland for the litigation filed at US District Court for Western Michigan on Monday."
  • "In the lawsuit, DeVries claimed that the Holland school failed to notify until December 15th affected persons of a September 27th incident, in which names, birth dates, Social Security numbers, driver’s license numbers and student ID numbers were compromised. The six-count lawsuit claims that nearly 157,000 persons were affected, and the plaintiff is asking for over $5 million in damages, as well as interest and costs."
  • ”The school said in a written response that officials had responded quickly to the matter, and an investigation revealed that there was no evidence that any information had been compromised by any third party as a result of the breach. Hope is providing complimentary credit monitoring services to those affected."
Read More

 
Jackson and Hillsdale County schools remain closed after ransomware attack

Breach Type – Other, Ransomware

WTVB
November 14th, 2022
  • ”Students in Jackson and Hillsdale Counties will not attend classes for a second consecutive day following a computer system outage caused by a ransomware attack this past weekend."
  • "Jackson County Intermediate School District Superintendent Kevin Oxley issued a statement Monday evening stating that although security teams are working to get the systems back online in a safe and secure matter, the process may still take some time. Because of the ongoing work, officials from 23 public school districts and charter schools in the two counties decided to cancel classes for Tuesday..”
  • ”Students and staff are also being asked to refrain from using school-issued computers and devices for the time being.”
Read More

 
South Redford School District cancels classes following cyberattack, Wayne County

Breach Type – Unknown, Ransomware

WXYZ News
September 20th, 2022
  • “The South Redford School District posted a notice to the community this morning saying school was closed because of a cyberattack and warned people not to use any district-issued devices."
  • "Parent Sheantez Kimling Mackey said she'd rather be safe than sorry when it comes to her children's security. She said she was surprised to wake up to a warning from administrators today telling parents and students not to use any district-issued tech devices."
  • "Just two weeks ago, the FBI and other agencies warned schools could be targets for ransomware attacks and anticipated an increase as this school year gets underway."
Read More

 
KVCC investigates cyberattack, delays summer semester, Kalamazoo County

Breach Type – Unknown, Ransomware

FOX 17 News
May 19th, 2022
  • “Kalamazoo Valley Community College updated students, faculty, instructors and staff Thursday about its recent cyberattack."
  • “KVCC said it is in the process of continuing to implement security measures to help prevent any further unauthorized access to its network."
  • "On Tuesday, KVCC said the cyberattack also affected its voicemail system."
Read More

 
Michigan college cancels classes after ransomware attack, Calhoun County

Breach Type – Phishing, Data Breach

ctpost.com
May 2nd, 2022
  • “A Michigan community college has cancelled classes indefinitely following a ransomware attack over the weekend."
  • "Officials at Battle Creek-based Kellogg Community College said Sunday in a statement on its website that technology issues caused by the attack continue to affect the school's systems."
  • "The ransomware attack was under investigation. Officials did not give details about the technology issues."
  • “Out of an abundance of caution and to further secure our network, we are initiating a forced password reset for all students, faculty and staff.”
Read More

 
Monroe Public Schools notifies 1,201 of data breach in June, Monroe County

Breach Type – Unknown, Malware

DataBreaches.net
January 8th, 2022
  • "On January 7, external counsel for the district notified individuals about an incident the district discovered on June 10, 2021 when certain systems and files were encrypted. The district reports that it immediately secured their network and removed the malware from their system, and worked to restore data and functionality."
  • “Their investigation concluded that between June 9, 2021 and June 10, 2021, in addition to encrypting files, an unauthorized party exfiltrated what they describe as a “limited number” of files and folders from the district’s system."
  • "It is not clear exactly what data types were involved for those being notified, but it appears that for at least some, social security numbers were involved."
  • They do not reveal the type of malware and whether there was any ransom demand. Letters have reportedly gone out to 1,201 individuals affected by the breach."
Read More

 
Mott Community College, Genesee County

Breach Type – Unknown, Data Breach

MLive
March 24th, 2021
  • An unauthorized person had access to Mott Community College systems between November 27th, 2020 and January 9th, 2021
  • Name, date of birth, and dental plan enrollment were among the compromised information
  • There is no indication thus far that any of the information has been misused
Read More

 
Troy School District website, Oakland County

Breach Type – Hacking, Other

Radio
March 15th, 2021
  • Michigan State Police are investigating a hack that uploaded both racist and offensive comments on a school website
  • In a public release the hack was reported to happen around 2:15 pm on a Monday
  • The website was used to share school events,and carries no personal information that could be exposed
Read More

 
Saginaw Township Community Schools, Saginaw County

Breach Type – Unknown, Ransomware

ABC 12
February 25th, 2021
  • Law enforcement agencies are investigating a cyber attack that occurred
  • Statements regarding the attack stated that it could've been a lot more impact but was certainly disruptive in the school year
  • Investigations are ongoing and daily to discover what the bad actors seek to gain from hack
Read More

 
Walled Lake Consolidated School District, Oakland County

Breach Type – Hacking, Other

Click on Detroit
October 12, 2020
  • A public release was sent to parents stating that system outage was linked to cyber attack
  • District says there’s no evidence if attackers were able to gain access to sensitive information
  • Attackers were able to gain access to systems and there is a possibility exposure
Read More
Data Breaches
October 29th, 2020
  • District suffered from a ransomware attack on or about October 10th
  • Bad actors have tried to pressure the district to pay ransomware demands by dumping files that contain employee and student information
  • Some of the files contained salary schedules, personnel records, files concerning retirements and resignations, a spreadsheet with teacher’s names and more
Read More

 
MSU Online Store, Ingham County

Breach Type – Hacking, Data Breach

The State News
August 11th, 2020
  • Information of 2,600 people was leaked following cyberattack
  • Names, addresses, and credit card information were accessed
  • University officials contacted affected customers and offered credit monitoring services
Read More

 
Mid-Michigan College, Clare and Isabella Counties

Breach Type – Phishing, Data Breach

The Morning Sun
June 20th, 2020
  • Nearly 16,000 people likely affected by cyberattack
  • Officials gave public notice, and notified individuals of the breach
  • Law firm and state attorney general's office assisted with investigation
Read More

 
Michigan State University, Ingham County

Breach Type – Unknown, Ransomware

ZDNet
May 28th, 2020
  • State university hit in ransomware cyberattack
  • Bad actors ransomed files, gave deadline of one week
  • IT officials remained unsure how extensive damage was
Read More

 
Richmond Community Schools, Macomb County

Breach Type – Unknown, Ransomware

Freep
January 2nd, 2020
  • Due to the timing of this attack student breaks were extended
  • Bad actors requested $1 million in exchange for files to remain private
  • Earlier in June insurance paid the hackers over $600,000 in bitcoin potentially causing Richmond school to be a target
Read More

 
Johannesburg-Lewiston Area Schools, Otsego County

Breach Type - Ransomware

Gaylord-Herald Times
November 20th, 2018
  • Ransomware infection impacted computer systems at Johannesburg-Lewiston Area Schools
  • Ransom paid to cyber criminals through cyber insurance plan
  • Hack potentially caused by bot which attempted username and password combinations
Read More

 
Saline Area School Website

Breach Type - Cryptojack/Other

wccftech
February 12th, 2018
  • Cryptojackers abuse "browsealoud" plugin to mine Monero from unsuspecting web-users
  • Over 4,200 webpages globally, affected by scheme
  • Saline Area School website used by hackers to generate cryptocurrency
Read More

 
Alpena Public Schools

Breach Type - Ransomware

DataBreaches
December 17th, 2016
  • No important information lost in ransomware attack
  • Attack was minor inconvenience for school
  • Did not pay ransom, restored system through backups
Read More

 

BACK TO TOP