Ex-Michigan Coach Matt Weiss Faces Federal Charges Over Alleged Hacking of 3,300+ Athletes

Charges: Weiss pleaded not guilty to 24 counts of unauthorized computer access and aggravated identity theft.

Scope: Prosecutors allege Weiss hacked into social media, email, and iCloud accounts of approximately 3,300 female college athletes across roughly 100 schools between 2015 and 2023.

Method: The indictment suggests Weiss gained access via a third-party vendor, Keffer Development Services, which handles athlete medical data, and then used personal information to guess or reset passwords.

Alleged Motive: Weiss allegedly sought and downloaded "personal, intimate photographs" for his own use, not for financial gain, extortion, or public sharing. He reportedly kept notes on victims' characteristics.

Impact: Institutions like Westmont College (a small DII school) were affected, highlighting the wide reach. A class-action lawsuit has been filed by former Michigan athletes against Weiss, the university, and Keffer.

Why This Matters: This case raises serious concerns about data security in college athletics, the vulnerability of third-party vendors, and the potential for widespread privacy violations affecting student-athletes. It underscores the need for robust cybersecurity measures and oversight.

Who This Affects Most: Primarily the thousands of female athletes whose privacy was allegedly violated. It also impacts the universities involved, facing legal action and reputational damage, and third-party vendors like Keffer. Current and future student-athletes may also feel increased anxiety about their data security.

How to Prepare (General Advice): While specific actions depend on institutional responses, individuals can strengthen their own digital security by using strong, unique passwords, enabling two-factor authentication, being cautious about information shared online, and regularly reviewing account activity. Institutions should review vendor security protocols and enhance internal cybersecurity training and monitoring.

Q: What specific charges does Matt Weiss face?

A: He faces 24 federal counts of unauthorized access to computers and aggravated identity theft. He has pleaded not guilty.

Q: How many athletes were allegedly affected?

A: Prosecutors estimate around 3,300 female athletes from approximately 100 different schools were targeted over nearly a decade.

Q: Was the University of Michigan aware of this activity?

A: Michigan fired Weiss in January 2023 after discovering "inappropriately accessed" computer accounts within its football facility. A lawsuit alleges negligence by the university.

Digital privacy is paramount; sensitive data stored by institutions or third parties can be vulnerable.

The scope of this alleged breach highlights potential systemic risks in how athlete data is managed across colleges.

Individuals should prioritize personal cybersecurity hygiene (strong passwords, 2FA).

Institutions need robust security measures and strict oversight of third-party data processors.

ESPN: How the hacking allegations around former Michigan coach are rippling nationwide

The Detroit News: Warrants reveal what was seized from ex-UM coach Weiss' home, office