Campus Alert: For updates on Mid Michigan College's response to COVID-19, visit Mid’s Study Safe, Stay Healthy webpage.

Letter from the President

2020 Cyber Security Incident

The words “data breach” are becoming more and more frequent in our everyday lives, and I’m sad to report that Mid Michigan College is now among the tens of thousands of organizations that have fallen prey to a hacker. While we are dismayed by this intrusion, we will not be stymied by it. We are doing everything possible to assist and protect those whose information may have been compromised.

We now know that the breach included access to the email accounts of ten Mid Michigan College employees. Our system remained functional and we received no demand for ransom. However, information in the emails of those ten individuals included documents containing social security numbers and other personal data.

I regret to say that the list of individuals whose data might have been seen is large, over 16,000 individuals. The data breach impacts many members of the College community, including faculty, staff, students, former students and others. As a dedicated community partner, Mid touches the lives of many people in Michigan. This is why I felt it necessary to share this information with you.

Anyone whose information was compromised will receive a letter via mail that explains how to activate two years of Experian credit and identity monitoring provided by Mid Michigan College. There will be no cost to those who were impacted by this breach.

We have already taken steps to strengthen our cybersecurity practices and education to minimize the chance of a second attack. We know that these threats have become more prevalent during the COVID-19 pandemic and they are likely to continue.

We have alerted law enforcement to the incident, but the identity of the hacker(s) has not been determined, despite the efforts of the investigation team. We hope that someday they will be identified and brought to justice. In the interim, we will act to support the affected individuals and to secure our system against future intrusions.

We know that these are challenging times, but we continue to work tirelessly on being a trusted educational and service partner.


Christine M. Hammond, PhD

President, Mid Michigan College


How did the hackers get into the system?

Our investigative team believes unauthorized entry was gained by using personal information gathered from other sources to reset passwords and gain control of certain user accounts.

When did you find evidence of the breach?

The incident began on the evening on April 17 and was discovered shortly thereafter. We engaged a forensic cyber security firm to assist us in securing the system and understanding the full scope of the problem. The forensic investigation and legal team conducted a thorough review of the College's technical data and the affected accounts, notified law enforcement, and worked to ascertain which individuals were impacted by this incident. Care was taken to be sure that the list of affected individuals was as accurate as possible prior to notification. The investigative report was provided to the College on the morning of Tuesday, June 16. The President convened meetings of affected departments and the College's shared governance groups later that morning. Notices to the broader community were distributed that day with follow up on June 17 and 18.

What have you done to ensure this doesn’t happen again?

We have already adjusted the College's Single-sign-on process and put into effect a two-factor password reset system. We will also introduce training and educational resources to inform staff about best-practices regarding digital safety and document retention practices.

We will continue to remind our staff of the critical nature of cyber security and keep our IT professionals engaged. The number of cyber-attacks of this nature has grown significantly over the past several years, and we are now unfortunately part of that growing number of affected organizations.

Do you know the identity of the hacker? Was the hacker affiliated with Mid in anyway?

At present, we do not know the identity of the hacker(s), despite considerable effort by our cyber forensic team to determine this information.

Did the breach affect online learning in any way?

Our understanding is that online learning and student registration was wholly unaffected by this event.

Where can I get resources to help me if I suspect identity theft?

Each impacted individual will receive a letter from the College laying out detailed information, including how to enroll – at no cost to you – in the identity monitoring product that the College is providing. Additional information on general steps you can take to protect yourself is available at

Back to the top