Heimdal
article featured image

Contents:

The University of Michigan recently announced a data breach that took place in August. Cyber attackers broke into the university’s network, gaining unauthorized access to systems containing data of students, applicants, alumni, donors, employees, patients, and research study participants.

This unauthorized access spanned from August 23rd to 27th, revealing personal, financial, and medical records.

What Happened?

On the eve of a new academic year, the University of Michigan faced a cybersecurity incident, prompting the shutdown of all its systems and services.

The decision came just as classes were set to begin, causing a notable disruption for the institution. Recognized as one of the oldest and largest educational establishments in the U.S., the University of Michigan boasts over 30,000 academic and administrative staff and caters to approximately 51,000 students.

After identifying the breach, the University of Michigan promptly disclosed the incident and required a password reset for affected accounts within its system.

In a series of official announcements, the university revealed that the cyber incident resulted in IT outages and hampered access to online services like Google, Canvas, Wolverine Access, and email. Given the incident’s gravity, the administration opted for a complete disconnection from the internet, effectively severing wired and WiFi campus internet, M-Pathways, eResearch, DART, and student registration systems.

However, services such as Zoom, Adobe Cloud, Dropbox, Slack, Google, and Canvas have been tentatively restored, albeit with potential instability due to heavy traffic, explains Bleeping Computer.

Details of the Breach

A specialized team at the University conducted a review of the files compromised during the unauthorized access. Their analysis indicates that personal information of specific groups, including students, applicants, alumni, donors, employees, contractors, as well as patients from the University Health Service and School of Dentistry, and participants in research studies, was potentially accessed by the intruder.

According to the University’s Incident Notice, the exposed data includes:

Students, applicants, alumni, donors, employees, and contractors:

  • Social Security number
  • driver’s license or other government-issued ID number
  • financial account or payment card number
  • and/or health information.

Research study participants and University Health Service and School of Dentistry patients:

  • Demographic information (e.g., Social Security number, driver’s license or government-issued ID number)
  • financial information (e.g., financial account or payment card number or health insurance information)
  • University Health Service and School of Dentistry clinical information (e.g., medical record number or diagnosis or treatment or medication history)
  • and/or information related to participation in certain research studies.

The university has taken steps to notify all those affected. As a protective step, the University of Michigan is offering free credit monitoring services to those whose sensitive information was exposed in the incident.

The Rising Cyber Threats in the Education Field

The educational sector is experiencing a growing trend of cyberattacks, with numerous institutions falling victim to these incidents in recent months.

Institutions ranging from primary schools to universities, including the Minneapolis Public Schools, the University of Sydney, the Marymount Manhattan College, the University of Manchester, and the University of Michigan, have all faced cyber threats. These incidents have not only compromised student personal data but have also disrupted academic and administrative operations.

For those interested in exploring preventative measures and strategies to protect educational systems from cyber threats, we recommend checking out this article: Shielding Learning: The Power of Cybersecurity in Education.

For educational institutions aiming to safeguard their data, a multi-layered cybersecurity approach is the best option.

Endpoint security solutions, like those offered by Heimdal, protect various devices from unauthorized access and include features like privilege access management, DNS security, patch management, next-gen antivirus, and more.

Heimdal Official Logo
Simple standalone security solutions are no longer enough.
Is an innovative and enhanced multi-layered EDR security approach to organizational defense.
  • Next-gen Antivirus & Firewall which stops known threats;
  • DNS traffic filter which stops unknown threats;
  • Automatic patches for your software and apps with no interruptions;
  • Privileged Access Management and Application Control, all in one unified dashboard
Try it for FREE today 30-day Free Trial. Offer valid only for companies.

If you liked this article, follow us on LinkedInTwitterFacebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Madalina Popovici

Digital PR Specialist

linkedin icon

Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE