this post was submitted on 25 Oct 2023
48 points (98.0% liked)

Sysadmin

7631 readers
1 users here now

A community dedicated to the profession of IT Systems Administration

No generic Lemmy issue posts please! Posts about Lemmy belong in one of these communities:
[email protected]
[email protected]
[email protected]
[email protected]

founded 1 year ago
MODERATORS
 

The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its network in August and accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants.

top 4 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 year ago (3 children)

August was almost 3 months ago, did they just find out now?

[–] [email protected] 8 points 1 year ago

Possibly. University networks can be complicated. You have a large number of students who change yearly, a large group of faculty who tend to enjoy more privileges and autonomy than a corporate employee, lots of different IT departments, lots of tech debt and legacy apps/equipment, likely not enough funding and typically a difficulty attracting and keeping IT professionals who can usually make more money in a corporate job...

And even if they did catch it immediately it takes time to assess the breach, talk with lawyers and law enforcement, determine the scope of the issue, contract a company to assist with notification requirements, identify everyone whose data was breached, identify likely addresses for those people, draft notification letters and press releases, get those drafts approved, etc.

[–] [email protected] 2 points 1 year ago

No, they're just releasing information now. Bleeping Computer wrote this when the incident first happened: https://www.bleepingcomputer.com/news/security/university-of-michigan-shuts-down-network-after-cyberattack/

[–] [email protected] 1 points 1 year ago

It's not that they just found out, but more that they have combed through and prepared all of the information they could legally release.