Skip to main content
Bridge Michigan
Michigan’s nonpartisan, nonprofit news source

Financial info of students, alumni compromised by August data breach, U-M says

University of Michigan Law School Quadrangle
The University of Michigan students, employees and alumni may have had their personal information taken by an unauthorized third party, the university said Monday. (iStock photo by tiny-al)
  • University of Michigan students, employees, alumni and others may have had their information stolen by an ’unauthorized third party’
  • U-M will offer free credit monitoring services to affected people 
  • The university says it is working to make its technology more secure

University of Michigan students, employees and alumni may have had their personal and financial information compromised by an August data breach, the university announced Monday.

The university shut down its campus internet services after detecting a “significant security concern” the weekend before classes started.


Now, the university said its investigation found an “unauthorized party was able to access certain university systems” from Aug. 23 to Aug. 27. Classes began Aug. 28


Students, applicants, alumni, donors, employees and contractors may have had their Social Security numbers, government-issued ID numbers, financial account and health information compromised, the university said. 

Also, research study participants and patients at the University Health Service and School of Dentistry may have had demographic information, financial information, clinical information and other information possibly compromised. 

Ravi Pendse, vice president for information technology and chief information officer, and Sol Bermann, chief information security officer and executive director of information assurance, announced the update Monday afternoon. 

“The investigation was comprehensive and determined that the unauthorized third party was able to access certain information, including information relating to certain members of our community,” they said.  

“We are currently in the process of notifying relevant individuals. We understand this news is difficult and we are committed to supporting every member of our community.” 

Officials said the U-M is still coordinating with law enforcement and is working with cybersecurity experts to “take steps to harden our systems and emerge from this incident as a more secure community.”’


What to know

The university mailed letters Monday to those who were affected with known addresses. Letters should arrive in five business days.

The university is also offering free credit monitoring services to those affected. People interested in the service — or those with questions —  should call the university’s call center at 1-888-998-7088. It is open 9 a.m. to 9 p.m. Monday through Friday.

The university’s announcement also includes how to report identity theft to the Federal Trade Commission and where to request credit reports.

How impactful was this article for you?

Only donate if we've informed you about important Michigan issues

See what new members are saying about why they donated to Bridge Michigan:

  • “In order for this information to be accurate and unbiased it must be underwritten by its readers, not by special interests.” - Larry S.
  • “Not many other media sources report on the topics Bridge does.” - Susan B.
  • “Your journalism is outstanding and rare these days.” - Mark S.

If you want to ensure the future of nonpartisan, nonprofit Michigan journalism, please become a member today. You, too, will be asked why you donated and maybe we'll feature your quote next time!

Pay with VISA Pay with MasterCard Pay with American Express Pay with PayPal Donate Now