Breach cyber

University of Michigan

Mar 21, 2025 1 min read
University of Michigan

Former University of Michigan assistant football coach Matthew Weiss was indicted on charges of hacking into student athlete databases, affecting over 150,000 people. Targeting primarily female athletes, he accessed personal information, medical records, and private photographs from more than 100 colleges and universities. Weiss also cracked encryption to gain unauthorized elevated access, and exploited university authentication processes.

Source: https://therecord.media/former-michigan-football-assistant-coach-indicted-hacks-athletes

TPRM report: https://scoringcyber.rankiteo.com/company/university-of-michigan

"id": "uni002032125",
"linkid": "university-of-michigan",
"type": "Breach",
"date": "3/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 150000,
                        'industry': 'Education',
                        'location': 'United States',
                        'name': 'University of Michigan',
                        'type': 'University'}],
 'attack_vector': 'Hacking, Encryption Cracking, Unauthorized Access',
 'data_breach': {'data_encryption': 'Yes, but cracked',
                 'number_of_records_exposed': 150000,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Medical records',
                                              'Private photographs']},
 'description': 'Former University of Michigan assistant football coach '
                'Matthew Weiss was indicted on charges of hacking into student '
                'athlete databases, affecting over 150,000 people. Targeting '
                'primarily female athletes, he accessed personal information, '
                'medical records, and private photographs from more than 100 '
                'colleges and universities. Weiss also cracked encryption to '
                'gain unauthorized elevated access, and exploited university '
                'authentication processes.',
 'impact': {'data_compromised': ['Personal information',
                                 'Medical records',
                                 'Private photographs'],
            'legal_liabilities': 'Indictment on charges of hacking'},
 'initial_access_broker': {'entry_point': 'Student athlete databases',
                           'high_value_targets': 'Female athletes'},
 'motivation': 'Unauthorized access to personal information',
 'post_incident_analysis': {'root_causes': 'Weaknesses in university '
                                           'authentication processes'},
 'regulatory_compliance': {'legal_actions': 'Indictment on charges of hacking'},
 'threat_actor': 'Matthew Weiss',
 'title': 'Data Breach at University of Michigan and Other Institutions',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Weaknesses in university authentication processes'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.