What to know about the Hope College data breach

Some Calvin faculty and students may have been affected by a data breach at Hope College last fall.

On Sept. 27, 2022, Hope College discovered potential, unauthorized access to files containing sensitive information, according to a document released by Hope. This information was later determined to include individuals’ first and last names, in combination with their date of birth, Social Security number, driver’s license number, and student ID number. Financial information — such as credit card numbers — was unaffected. 

After Nov. 8, the college began sending out letters to those it believes to have been affected. While the college’s statement does not say how many were affected, a lawsuit filed on Dec. 26 alleges that up to 156,783 individuals were potentially affected by the breach, according to MLive

While Hope students and alumni are among those primarily affected, some Calvin faculty, staff and students may also have been affected. 

Many Calvin faculty who have spoken or taught at Hope are in Hope’s system from filing tax information. Rebecca DeYoung, professor of philosophy, said she received a letter saying she may have been impacted. DeYoung said her information was probably in Hope’s system from a talk she gave there in 2017. 

DeYoung, who has been affected by other data breaches, said she views data breaches as a “risk you take by operating online.”

Michael Dirksen, a teaching fellow and 2012 Hope graduate, also received a letter. Dirksen taught a class at Hope in 2020. Following news of the breach, he removed his banking information from Hope as a precaution. However, other information, such as his Social Security number, could not easily be removed. 

Like DeYoung, he does not view the Hope breach as an unusual situation.

“These kinds of problems are going to happen more and more frequently,” he said.

However, there are ways to prevent data breaches and minimize their effects.

According to Brian Paige, vice president and chief information officer, this includes using multifactor authentication and minimizing where Social Security numbers are stored. Paige said Calvin’s IT team “routinely practice[s] our responses to cyber incidents with tabletop exercises and scenario planning.”

Paige did not give details on how information is stored or protected. “Not disclosing the ‘playbook’ is part of the approach to preventing data breaches,” Paige said.  

Paige recommended that everyone follow good information security practices, such as using different passwords on every account and multifactor authentication as much as possible. 

He also said it is wise to “consider sharing less personal information on social media, making identity theft and impersonation more difficult.”

According to Attorney General Dana Nessel, those specifically affected by the Hope breach and other data breaches should monitor their credit, place a fraud alert on their credit report, and consider placing a credit freeze on their credit report. Hope College is offering free credit monitoring services to those affected for a year. 

If anyone has not received a letter but believes they may be impacted, they may contact 1-833-540-0798.