University of Michigan

The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started.

University of Michigan (U-M) is one of the oldest and largest educational institutes in the United States, employing over 30,000 academic and administrative staff and having roughly 51,000 students.

In a series of announcements published on the University's website, starting on Sunday, a cybersecurity incident caused IT outages and disrupted access to vital online services, including Google, Canvas, Wolverine Access, and email.

Although U-M engaged its IT team to restore the impacted systems, the administration felt it was safest to disconnect the U-M network from the internet due to the severity of the incident.

"Sunday afternoon, after careful evaluation of a significant security concern, we made the intentional decision to sever our ties to the internet," reads the status update from Sunday.

"We took this action to provide our information technology teams the space required to address the issue in the safest possible manner."

This includes wired and WiFi campus internet, M-Pathways, eResearch, DART, and all systems used in student registration.

Zoom, Adobe Cloud, Dropbox, Slack, Google, Canvas, and Adobe Cloud services have been restored and can be accessed from outside networks, although their availability is unstable due to overload.

However, the timing of the incident should not be ignored, as the attack occurred on the eve of a new academic year as students and faculty were preparing to start classes.

Due to this, the U-M administration has decided to waive late registration or disenrollment fees for August.

Students rely on the currently offline systems to access class information and to navigate the large campus, especially during the initial days of classes. Due to the lack of access, students will be given special consideration to students for attendance and assignments.

The announcement also warns that some financial aid payments and refunds will be delayed due to the IT outage.

To view up-to-date information about class schedules and locations, students are urged to consult this webpage.

U-M notes that it is working with external cybersecurity experts and federal law enforcement to investigate the attack.

BleepingComputer has contacted U-M to request more information about the nature of the security incident that has impacted the University, but we have not heard back by publication time.

This has been a rough month for educational institutes in Michigan. 

Three weeks ago, Michigan State University disclosed that it had been impacted by the MOVEit data theft attacks.

If you have any information on this attack or other attacks, you can contact us confidentially via Signal at 646-961-3731.

Related Articles:

MoneyGram confirms a cyberattack is behind dayslong outage

The true (and surprising) cost of forgotten passwords

Get this $35 ethical hacking bundle deal for the IT job seeker on your list

This $30 cybersecurity course deal helps prepare for certifications

Break into a cybersecurity career with this certification course deal