Social Security numbers and financial details were among the pieces of information compromised in the August 2023 cybersecurity attack, the University of Michigan revealed in a statement released Monday afternoon. The breach led Information Technology Services to disconnect the campus network from the internet for several days, leaving the campus community without internet access for the first few days of the fall 2023 semester.
According to the release, an unauthorized third party gained access to the personal information of students, employees, healthcare patients, alumni and other members of the campus community. Compromised information included Social Security numbers, driver’s license numbers, financial account details and medical records.
The University discovered “suspicious activity” on the U-M campus computer network on August 23 and promptly disconnected the network from the internet. The University went on to mandate password resets for all accounts following the attack.
The statement said campus administration will continue to work with law enforcement and third-party cybersecurity experts to investigate the breach and prevent future incidents.
The number of individuals whose information was compromised by the attack was not provided. The release states that the University has mailed letters to “relevant individuals” who were impacted by the breach.
Daily News Editor Irena Li can be reached at irenayli@umich.edu.
Related articles