Article Details

University of Michigan: Employee, student data stolen in cyberattack. The University of Michigan says in a statement today that hackers breaching its network in August accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. Unauthorized access to the servers lasted between August 23-27, the university says, and the data exposed included personal, financial, and medical details. An August cyberattack After detecting suspicious activity in August, the University of Michigan, isolated its entire campus network from the internet to minimize the impact. Following a detailed analysis from “a dedicated review team,” the University believes that besides personal data, like an individual’s name, the threat actor also accessed medical and financial information. For students, applicants, alumni, donors, employees, and contractors, the educational organization says that the following details were exposed: Data belonging to participants in research studies and patients of the University Health Service and School of Dentistry may have been impacted, too: All individuals whose information was exposed during the breach have been informed of the incident. The letters were mailed today and may take up to five days to reach the destination. “Out of an abundance of caution, we are offering individuals whose sensitive information may have been involved in this incident complimentary credit monitoring services” - University of Michigan The University of Michigan disclosed the intrusion shortly after discovering it about a week later and forced a password reset for the accounts on its computer systems. The educational institution is one of the oldest and largest in the United States, with an academic and administrative staff of more than 30,000 and about 51,000 students.