University of Michigan warns that personal information was leaked during cyberattack


Troves of sensitive personal information from students, applicants, employees and others were leaked during an August cyberattack, University of Michigan said Monday.

In an update on the incident, school officials explained that even though they were able to contain the cyberattack by disconnecting the campus network from the internet, the hackers were still able to access some university systems from August 23 to August 27.

The university hired an incident response firm to assess the situation and determined that the hackers were able to access personal information relating to certain students and applicants, alumni and donors, employees and contractors, University Health Service and School of Dentistry patients, and research study participants.

For students, applicants, alumni, donors, employees and contractors, the information accessed included Social Security numbers, driver’s license numbers, government IDs, financial account and payment card numbers, as well as health information.

The hackers accessed that same information in addition to medical record numbers, diagnosis information, treatment data and medication history belonging to research study participants and University Health Service and School of Dentistry patients.

The school did not respond to requests for comment about how many people had their information accessed.

The university said it is still coordinating with law enforcement about the issue and mailed letters to everyone affected on October 23.

All victims are being offered free credit monitoring services for an undisclosed amount of time, and a call center is being created for victims who have questions.

“The investigation was comprehensive and determined that the unauthorized third party was able to access certain information, including information relating to certain members of our community,” said Chief Information Officer Ravi Pendse and Chief Information Security Officer Sol Bermann in a statement.

“We are currently in the process of notifying relevant individuals. We understand this news is difficult and we are committed to supporting every member of our community.”

The school’s more than 51,000 students were cut off from the internet for days right as the school year began after the cyberattack was discovered.

The school never said whether it was a ransomware attack and no ransomware gang has taken credit for the incident.

But ransomware gangs have increasingly targeted organizations in the state with brazen attacks, damaging several community colleges across Michigan earlier this year as well as one of the state’s largest healthcare systems three weeks ago.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Cisco identifies another IOS XE vulnerability, with patches coming this weekend

Next Post

Spanish police arrest 34 alleged cybercriminals for scamming operation

Related Posts

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2014-100005 - A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an
Read More