The web Browser you are currently using is unsupported, and some features of this site may not work as intended. Please update to a modern browser such as Chrome, Firefox or Edge to experience all features Michigan.gov has to offer.
AG Nessel Re-Issues Data Breach Alert Following University of Michigan Network Infiltration
October 24, 2023
LANSING – Attorney General Dana Nessel wants those whose information may have been compromised in the recent University of Michigan data breach to know what steps they can take to protect their data from scammers and identity thieves.
On October 23, 2023, U of M issued a statement announcing it had sustained a data breach after a hacker broke into its network in August. Personal data belonging to certain students, applicants, alumni, donors, employees, contactors, University Health Service, and School of Dentistry patients and research participants was accessed. After the suspicious activity was detected on the U of M network, the school shut down its computer systems on the afternoon of August 27, 2023. The university is sending letters to those whose sensitive personal information was involved in the incident and who have an address on file with the school. Anyone with questions, including those who believe their information was involved in the data breach and have not received a letter, can call 888-998-7088 from 9:00 a.m. to 9:00 p.m. Eastern Time, Monday through Friday.
Examples of the types of information that may have been accessed, depending on an individual’s affiliation with the University, include:
- Students, applicants, alumni, donors, employees, and contractors: Social Security number, driver’s license or other government-issued ID number, financial account or payment card number, and/or health information.
- Research study participants and University Health Service and School of Dentistry patients: Demographic information (e.g., Social Security number, driver’s license or government-issued ID number), financial information (e.g., financial account or payment card number or health insurance information), University Health Service and School of Dentistry clinical information (e.g., medical record number or diagnosis or treatment or medication history), and/or information related to participation in certain research studies.
Every year, the number of data breaches and documented cases of identity theft increases. In the event that a breach affects your information, you should take the threat seriously and take precautions to avoid being a victim of identity theft.
The Department of Attorney General’s Data Breaches: What to do Next alert provides consumers with useful information about what kind of information can be accessed during a data breach.
“Those who may be impacted by the U of M data breach should take any suspicion that their personal information has been compromised extremely seriously,” said Nessel. “My department’s website has tips for those who may be affected, and my consumer protection team stands ready to help anyone whose identity has been stolen or jeopardized.”
You can protect yourself during a data breach by taking the following actions:
- Watch out for phishing emails;
- Strengthen or change your passwords;
- Do not retain unnecessary data or files;
- Use multifactor authentication on devices and accounts; and
- Review your credit report often. Take advantage of free weekly credit reports from each of the three main credit reporting agencies: Equifax, Experian, and TransUnion by contacting the Annual Credit Report website.
To file a complaint with the Attorney General, or get additional information, contact:
Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
Online complaint form