The personal information of 400,000 people was in a Michigan State University database which was accessed by hackers.

The database includes information on all students who attended MSU between 1991 and 2016. The database also includes information on all faculty, staff and students who were employed by MSU between 1970 and Nov. 13, 2016.

Michigan State confirmed the breach on November 13, 2016. The database included names, social security numbers, MSU identification numbers and dates of birth.

449 of the 400,000 records have been confirmed to be accessed by the third party, but the rest could be at risk.

MSU is offering two free years of identity theft protection, fraud recovery and credit monitoring to all who are at risk.

Michigan State University President Lou Anna K. Simon issued this statement:

At Michigan State University, we are committed to data and privacy protection. Regrettably, we were recently the target of a criminal act in which unauthorized users gained access to our computer and data systems. Information security is a top priority of our university, and we know the frustration this is causing members of our community.

We have a deep sense of obligation to our MSU family, and we are taking aggressive action to protect any personal information that may have been compromised. Only 449 records were confirmed to be accessed within the larger database to which unauthorized individuals gained access. However, as a precaution, we will provide credit monitoring and ID theft services for any member of our community who may have been impacted by this criminal act. We also will continue to work diligently in our efforts to protect the integrity of our data systems and improve the security of information that is entrusted to us.”

All information about the data breach and any further updates are available here.