The University of Michigan says in a statement today that they suffered a data breach after hackers broke into its network in August and accessed systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants.

    • esc27@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Possibly. University networks can be complicated. You have a large number of students who change yearly, a large group of faculty who tend to enjoy more privileges and autonomy than a corporate employee, lots of different IT departments, lots of tech debt and legacy apps/equipment, likely not enough funding and typically a difficulty attracting and keeping IT professionals who can usually make more money in a corporate job…

      And even if they did catch it immediately it takes time to assess the breach, talk with lawyers and law enforcement, determine the scope of the issue, contract a company to assist with notification requirements, identify everyone whose data was breached, identify likely addresses for those people, draft notification letters and press releases, get those drafts approved, etc.

    • BEEKAYRANDEE@kbin.socialOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      It’s not that they just found out, but more that they have combed through and prepared all of the information they could legally release.