How U-M Addresses Compromised Accounts

In the event that your UMICH account is compromised, it's important for you to understand the steps Information Assurance (IA) will take to help restore your account, and what IA expects from you as the account holder.

If Information Assurance identifies your UMICH account as compromised, we will:

  1. Your UMICH (Level-1) password will be randomized.
  2. Your UMICH account recovery information will be cleared. You will need to reset your account recovery information in UMICH Account Management to reset your forgotten password in the future.
  3. Contact the ITS Service Center by chat or phone (734-764-4357) to have your password reset.
  4. If you are a U-M employee, you may be contacted via email or phone by an IA staff member. IA will work with your unit as necessary to determine if other information was accessed.

What we ask you to do and not do:

  • Do not change your password back to what it was when it was compromised!
  • Do review the guidance in Protect Your Passwords and Identity when choosing a new password for your UMICH account.
  • Do not change it to a password you use for other sites.
  • Do Not reuse your UMICH password for other sites and services.

See What to Do if Your Account is Compromised for more on what you can do to recover from a compromised account.

How IA Identifies Compromised Accounts

  • Reports from compromised users. Some compromised account reports lead Information Assurance (IA) to discover other affected account-holders. Because of this, please report any suspected account compromise, even if you’ve already changed your password.
  • System monitoring. Automated system monitoring alerts systems administrators to suspicious or unauthorized activity.
  • “Abuse” complaints. Complaints or alerts received from third parties about spam or network-based attacks coming from U-M accounts.
  • Log analysis. Investigation of security incidents sometimes reveals evidence of compromised accounts.