W-2 forms accessed by suspect after obtaining 40 usernames and passwords
Central Michigan University Police are searching for a suspect that accessed W-2 forms by obtaining 40 usernames and passwords used to access personal university online accounts last week.
CMU’s Office of Information and Technology contacted CMUPD last Tuesday and reported that 40 W-2 tax forms of students, faculty and staff were accessed on Cmich.edu sometime overnight between Sunday, Jan. 29 and Monday, Jan. 30, according to CMUPD Lt. Cameron Wassman.
Heather Smith of University Communications stated Monday evening the suspect did not hack the university's system but rather compromised it by obtaining Cmich.edu usernames and passwords, logging in the 40 accounts and then accessing individuals' personal financial information.
Smith stated University Communications does not know how the suspect was able to access the usernames and passwords.
Wassman said the university’s police department has contacted the Federal Bureau of Investigation as well as other federal agencies to help them investigate the case.
“The FBI has been contacted, and we’ll be meeting with them this week,” Wassman said Monday.
No suspects have been identified as of yet, Wassman said.
“With these (cases the suspect) could be somebody close or somebody far away. You never know,” he said
Wassman said the individuals whose information was accessed have since been contacted by the university about the incident.
A W-2 tax form includes an employer’s name, address, social security number, wage amount, employer’s state identification number and other financial information related to Medicare and social security.
The incident remains an open investigation.