University of Michigan Suffers Massive Data Breach Following Network Hack

  • By Steven
  • Oct 27, 2023

Data Breach at Michigan University

The University of Michigan (UM) hosts more than 55,000 students, 35,000 staff members, and 640,000 alums. Unfortunately, following a recent cybersecurity breach, students, applicants, alums, employees, contractors, and donors may now have information at risk. The extent of the exposure is unknown, but the outcome could impact anyone. Those in association with UM must take steps to guard themselves before the assailants can misuse their information. 

How Did the Attack Occur? 

Despite UM’s attentive reactions, little is public about how the attack happened. According to their Notice of Data Incident, the attack involved an “unauthorized actor” within specific University systems. The unauthorized party then had access to the details of most of the campus, depending on the individual’s relationship with UM. It is unclear how the threat actor entered the network, but it could have happened in many ways. Social engineering could have played a part in the attack; however, it’s just as likely misconfigurations or infected technology are to blame. UM will continue its investigation until more information appears.

What Information Was Viewed or Stolen? 

The exposed credentials depend on the individual’s relationship to the University. Contractors, donors, alums, employees, students, and applicants risk having their information misused. Research participants and School of Dentistry patients are also at risk for exposure. Those directly associated may have their Social Security Numbers (SSN), driver’s licenses, financial accounts, payment information, and health details impacted. Simultaneously, participants and patients may have demographic (SSN), financial details, clinical information, and study credentials in danger. The University began sending notifications to impacted parties, but don’t wait to protect your information.

How Did the University of Michigan Admit to the Breach? 

UM suffered a downed connection on August 27th, 2023; the institution reacted by isolating its public network and requiring account holders to change their passwords. However, UM detected suspicious activity within their campus network four days earlier. From August 23rd to 27th, the threat actors presumably had access to the network and specific University systems. UM’s subsequent actions occurred in October; on the 23rd, UM began sending notifications to impacted individuals. This same day, they updated their website notice to reflect the newest information. The letter may take up to a week to arrive, but you don’t need to wait to take preventative steps. 

What Will Become of the Stolen Information? 

Nothing is public about the attackers or their goals, which makes speculation challenging. Depending on their ultimate motivators, they could have been after specific information like SSNs and payment details; they could have aimed for as much as possible access, including UM’s network mapping or other permission access. The attackers could have even been after information to ransom it back to the institution. No matter the assailant’s goal, if the attack impacts your information, your data is at risk for misuse.

What Should Affected Parties Do in the Aftermath of the Breach? 

Although UM sent notifications on October 23rd, it may take up to a week for letters to arrive. The notice outlines what is said here, along with some resource information. However, there’s no reason to wait for the mail when the threat is so prevalent. Take steps to protect yourself and your data before it can be misused. Employ a financial and credit monitor to oversee accounts and freeze everything if they find suspicious activity. Consider hiring an identity monitor for your SSN and public information to prevent misuse. Additionally, report phishing attempts whenever found and avoid giving out personal information.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

Health Organization Records Stolen via Welltok’s MOVEit - 930k+ Including Minors

The number of victims caused by the global MOVEit data breach continues to climb; Welltok has announced more exposures, this time from three more health organizations.

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

MOVEit Breach Creates More Victims; 105k Records Stolen from Insurance Group

"Pan American Life Insurance Group Building - New Orleans" by Tony Webster is licensed under CC BY 2.0. Source: Flickr

New York Healthcare Provider Notified 600k Following Network Cyberattack

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County.  ERMI is a "multi-modality radiology center," including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address