Update: University of Michigan Requires Password Resets After Cyberattack

On Tuesday, the University of Michigan (UMICH) warned staff and students that they must reset their account passwords after a recent cyberattack. Emails sent by the university's CISO and CIO to community members seen by BleepingComputer ask for password changes by September 12. Failure to abide by this mandatory change will lead to the users being unable to sign into their accounts until they go through the much more intricate forgotten password recovery procedure. "The University of Michigan is requiring all community members to change their UMICH password by the end of day on Tuesday, September 12," UMICH CISO Sol Bermann and CIO Ravi Pendse said in emails to university staff and students. "Everyone on the Ann Arbor, Flint, Dearborn, and Michigan Medicine campuses must change their passwords by Tuesday, September 12," the university's ITS Service Center (ITS) also warns. "If you do not change your password, you will not be able to use your UMICH password, including services that use the U-M Weblogin and U-M managed devices. Alumni, retirees and other groups can change their passwords now. Additional information for these groups will be coming soon."