Campus Alert Archive
KCC

A Ransomware Attack Closed All Five KCC Campuses at the End of the Term

MIinfrastructure failureadvisorymedium confidence
Confirmed Threat

Kellogg Community College began experiencing technology issues tied to a ransomware attack on Friday, April 29, 2022, and closed all five of its campuses — Battle Creek, Hastings, Albion, the Regional Manufacturing Technology Center at Fort Custer, and Coldwater — affecting roughly 9,000 students. Classes and operations were suspended until the college could confirm its systems were safe, and students returned the following Wednesday. The attack struck at the end of the spring term.

Alerts
3
Response
Killed
Injured
Institution
Kellogg Community College
Community College · MI
~9,000 students
Confirmed Timeline

Alert Sequence

3 messages in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

INITIAL ALERTWebsite
Approximate reconstruction247 chars
KCC is currently experiencing technology issues affecting our systems. Out of an abundance of caution, all KCC campuses are closed and classes are canceled until further notice. We are investigating and will share updates as they become available.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed: the college's first public framing was 'technology issues' before it confirmed a ransomware attack, and it closed all five campuses 'until further notice.'
The 'until further notice' phrasing reflects the open-ended nature of cyber recovery versus a fixed weather closure.
UPDATEWebsite
Approximate reconstruction319 chars
Update: On Friday, April 29, KCC began experiencing technology issues that we have now determined were related to a ransomware attack. All five campuses remain closed and classes are canceled while we work with independent advisors and third-party experts to confirm our systems are secure. Thank you for your patience.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed from the KCC Daily article, which dated the start of issues to April 29 and confirmed the ransomware attack and the closure of all five campuses.
The college framed reopening around a security confirmation ('confirm our systems are secure') rather than a calendar date.
UPDATEWebsite
Approximate reconstruction256 chars
Independent advisors and third-party experts have confirmed our systems are safe and secure. KCC campuses will reopen and classes will resume Wednesday, May 4. For your security, you will be required to reset your password before accessing college systems.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed: WWMT reported students returned Wednesday after experts confirmed systems were safe and that password resets were required.
The mandatory password reset is a concrete post-incident security measure and a recurring fingerprint of higher-ed ransomware recoveries.
Context

Background

Kellogg Community College, a roughly 9,000-student two-year college based in Battle Creek, Michigan, began experiencing technology problems on Friday, April 29, 2022, that it later confirmed were a ransomware attack. The attack forced the closure of all five KCC campuses — in Battle Creek, Hastings, Albion, the Fort Custer Industrial Park, and Coldwater — and the cancellation of classes near the end of the spring term, according to WOOD-TV and The Record. Students returned Wednesday, May 4, after the college said independent advisors and third-party experts confirmed its systems were secure, and required password resets. Some reporting linked the BlackCat/ALPHV ransomware group to the incident, though the college did not publicly confirm attribution. As with peer institutions, the attack closed physical campuses because the underlying systems that run classes were offline.
Analysis

Key Findings

A ransomware attack closed all five Kellogg Community College campuses near the end of the spring term
Roughly 9,000 students were affected across Battle Creek, Hastings, Albion, Fort Custer and Coldwater
The college tied reopening to a security confirmation rather than a fixed date and required mandatory password resets
Reporting linked the BlackCat/ALPHV group to the attack, a prolific actor in higher-ed ransomware in 2022-2023
Outcome
KCC reopened campuses and resumed classes Wednesday, May 4, 2022, after independent advisors and third-party experts confirmed the systems were secure; the college required password resets. Reporting linked the BlackCat/ALPHV group to the attack, though KCC did not confirm attribution publicly.
Provenance

Sources

  1. Official
    KCC systems impacted, campuses closed due to ransomware attack - KCC Daily
    daily.kellogg.edu
  2. News
    Ransomware attack disrupts end of Kellogg Community College term - WOOD-TV
    woodtv.com
  3. News
    Classes resume at Michigan community college after ransomware attack - The Record
    therecord.media
  4. News
    Kellogg Community College students return to class after ransomware attack - WWMT
    wwmt.com
Tags
cyberattackransomwarecommunity-collegemichiganblackcat-alphvcampus-closureadvisory
Added May 2026Updated May 2026Via ingestion