Manipulated login software aids an attacker in capturing more than 1,500 passwords at University of Michigan

Incident Date: April 25 1999
Incident Location: Ann Arbor MI USA

On April 25, 1999 an attacker broke into the authentication server at the University of Michigan using a stolen user account and password. Once on the system, the attacker installed software in order to capture other usernames and passwords. The attacker managed to collect 1,534 passwords during a 23 hour period on the system.

Once detected, University of Michigan staff notified users of the incident and encouraged them to change their passwords. Passwords were automatically changed on May 4, 1999 (9 days later) for any users who failed to change their passwords themselves.

The Federal Bureau of Investigations (FBI) was called in to investigate the incident. There was no information available on the outcome of their investigation.

Story Sources

Title: Hacker breaks into ITD login server
Author: Rebecca Doyle
Date: 5/10/1999
Publication: The University Record
Publication Location: Ann Arbor MI USA
Publication URL:

Do you have additional information to contribute regarding this story? If so, please email with the details and source.

<-- Back to Authentication Story Index

[Home] [About Us] [News] [Research]

Copyright © 2016