University of Michigan Suffers Massive Data Breach Following Network Hack
Table of Contents
- By Steven
- Oct 27, 2023
The University of Michigan (UM) hosts more than 55,000 students, 35,000 staff members, and 640,000 alums. Unfortunately, following a recent cybersecurity breach, students, applicants, alums, employees, contractors, and donors may now have information at risk. The extent of the exposure is unknown, but the outcome could impact anyone. Those in association with UM must take steps to guard themselves before the assailants can misuse their information.
How Did the Attack Occur?
Despite UM’s attentive reactions, little is public about how the attack happened. According to their Notice of Data Incident, the attack involved an “unauthorized actor” within specific University systems. The unauthorized party then had access to the details of most of the campus, depending on the individual’s relationship with UM. It is unclear how the threat actor entered the network, but it could have happened in many ways. Social engineering could have played a part in the attack; however, it’s just as likely misconfigurations or infected technology are to blame. UM will continue its investigation until more information appears.
What Information Was Viewed or Stolen?
The exposed credentials depend on the individual’s relationship to the University. Contractors, donors, alums, employees, students, and applicants risk having their information misused. Research participants and School of Dentistry patients are also at risk for exposure. Those directly associated may have their Social Security Numbers (SSN), driver’s licenses, financial accounts, payment information, and health details impacted. Simultaneously, participants and patients may have demographic (SSN), financial details, clinical information, and study credentials in danger. The University began sending notifications to impacted parties, but don’t wait to protect your information.
How Did the University of Michigan Admit to the Breach?
UM suffered a downed connection on August 27th, 2023; the institution reacted by isolating its public network and requiring account holders to change their passwords. However, UM detected suspicious activity within their campus network four days earlier. From August 23rd to 27th, the threat actors presumably had access to the network and specific University systems. UM’s subsequent actions occurred in October; on the 23rd, UM began sending notifications to impacted individuals. This same day, they updated their website notice to reflect the newest information. The letter may take up to a week to arrive, but you don’t need to wait to take preventative steps.
What Will Become of the Stolen Information?
Nothing is public about the attackers or their goals, which makes speculation challenging. Depending on their ultimate motivators, they could have been after specific information like SSNs and payment details; they could have aimed for as much as possible access, including UM’s network mapping or other permission access. The attackers could have even been after information to ransom it back to the institution. No matter the assailant’s goal, if the attack impacts your information, your data is at risk for misuse.
What Should Affected Parties Do in the Aftermath of the Breach?
Although UM sent notifications on October 23rd, it may take up to a week for letters to arrive. The notice outlines what is said here, along with some resource information. However, there’s no reason to wait for the mail when the threat is so prevalent. Take steps to protect yourself and your data before it can be misused. Employ a financial and credit monitor to oversee accounts and freeze everything if they find suspicious activity. Consider hiring an identity monitor for your SSN and public information to prevent misuse. Additionally, report phishing attempts whenever found and avoid giving out personal information.