What to Do if Your Account is Compromised

Change your UMICH password

  • If you suspect your U-M account has been compromised or stolen:
    1. Change your UMICH (Level-1) password. For instructions and tips, see Choosing and Changing a Secure UMICH Password.
    2. Set new security questions if you had previously set them in UMICH Account Management.
  • If you suspect a personal account has been compromised, change the password for that account. Choose a strong password and make it unique to that account. Do not use the same password for multiple accounts; that puts all your accounts at risk if one is compromised.

Report it

  • Report a suspected compromised U-M account immediately to the ITS Service Center or, at the Michigan Medicine, to the HITS Service Desk (msishelp@umich.edu).
  • If you suspect a personal account has been compromised, check the account documentation to find out how to report the compromise.

Monitor your accounts

  • Check your U-M Google email for suspicious activity. Make screen shots showing any settings that have been tampered with to include in your report of the incident.
    • Check activity on your account by clicking the Details link at the bottom of your inbox (when accessing your mail from a Web browser). See Google's Last account activity help. Click the Sign out all other web sessions button if you see suspicious activity.
    • Check the Trash and Sent mail folders for messages you didn’t send or delete.
    • In your Mail Settings, review Forwarding and Filters and delete those you don’t recognize.
    • In your Mail Settings, under Account, check the settings for Send mail as and Grant access to your account to be sure these have not been changed.
  • Learn more about monitoring and securing your Google Mail, as well as about protecting your personal information and privacy, at Google: My Account.
  • Check your other U-M services for suspicious activity. For example, look for files in your online storage space, such as MFile, that you did not put there.

Turn on Two-Factor for Weblogin

  • Your password needs a partner! To add extra protection to your account, turn on two-factor authentication for Weblogin (the login page for Wolverine Access, U-M Google, U-M Box, and more).
  • When you have two-factor authentication turned on, anyone trying to access your U-M account must provide two proofs of ID. The two factors, or proofs of ID, are:
    • Something you know - your password.
    • Something you have, such as a passcode, a phone, or even a mobile app.