Updates Cyberattack

Backlogs due to cyber attack

Over the past few months, we have worked hard on many levels to resolve the effects of the cyber attack. This has made many systems available or almost available. However, we're far from there yet. Many minor systems still need to be taken to a higher level of security. As a result, the capacity of ICTS and information managers is still being deployed for repair work in addition to regular work and is therefore not available for other tasks and projects.

Unfortunately, this has led to backlogs. The resolution times of reports to the ICTS service desk, or lead times of regular activities will also be longer than usual. We ask for your understanding for this situation and hope to gradually bring the service level back to what you are used to from us in the coming months.

UM Cyber Attack Symposium – Lessons learnt

At a symposium on Wednesday 5 February, Maastricht University (UM) addressed the cyber attack that took place on 23 December. The symposium was open to invited guests only. Other interested parties could follow the livestream, which you can replay below. Due to the complexity of the subject matter and the presence of Dutch media only, the symposium was held in Dutch.​

The symposium provided insight into what actually happened, and addressed broader cyber-related issues such as digital security in the public sector.

UM enlisted the help of an IT security company as of 24 December. Fox-IT assisted in crisis management, charting the attack and conducting forensic investigations, and advised during the recovery process.

  You can read a management summary of the Fox-IT report and UM's response to the report in English
  Or you can read the full Fox-IT report, with an explanation from UM in Dutch 
  If you have any questions about the report or the symposium, please email us 

Watch the live recordings of the cyber attack symposium (Dutch only)

On 23 December 2019, there was a serious cyberattack against Maastricht University (UM). Since then, experts have been working hard to repair the damage and reactivate all systems. On this page you can find the latest update and an overview of all previous updates. 

 Also read the summary of all the activities of the past weeks.

Update #22

27 January 2020

From 9 o'clock this morning, students and staff are able to print, copy and scan again from UM workstations. VPN is also up and running, so as of today, people can work safely from home, with secure access to UM servers.


Print orders can be given by selecting the printer installed on UM workstations. The myprint website is also operational. People who were logged in from their workplace before 9 am may receive an "access denied" message when selecting a printer. If so, they will need to log in again.


Access to the Virtual Private Network has also been restored, but only for employees. The start-up dialogue box shows an extra field, with 'Employees' as the default choice.

Students looking to access UM Services can use Student Desktop Anywhere (SDA), which has been operational since 6 January.

Many things are working again, but not everything

Five weeks after the cyber attack, work has almost returned to normal for most staff. Students are able to attend classes, take exams, access the online library and more. See also the most current overview of which systems are already working and which are not available yet. At the same time, a system can sometimes work slowly, suddenly shut down or otherwise fail to meet the standards that the UM community is used to. This requires some patience from everyone and understanding for the colleagues who are working hard every day for us.

Schedules for period 4 available

The schedules for period 4 are now available for students. This is slightly later than usual, but no later than the previously announced date.

Leniency arrangement for students

For students who have been disadvantaged or suffered damage as a result of the cyber attack, there is a leniency arrangement. You can apply for this by completing the Application Form Cyber ​​Attack Leniency Committee on the website. Do this as quickly as possible, but at the latest within two months after the disadvantage or damage has become known. Submission is possible until 31 August at the latest. In principle, every application will be evaluated by the Executive Board within four weeks of receipt.

Registering online for open days

Prospective students who want to register for the upcoming Bachelor's or Master's Open Day, can do so online again. For this, you can visit the website of the Bachelor's Open Day on 8 February or the Master's Open Day on 7 March.  

Information desks and mailboxes for students and staff

As from 24 January, the temporary email addresses are no longer in use. (Prospective) students and employees can reach us through the regular communication channels again (please check the website of your own faculty, service centre or study programme for which you are applying). Did you already send an email to a temporary email address and haven’t received an answer yet? Please send your question again to the contact address of your faculty, service centre or study programme, and you will receive an answer as soon as possible. Students who have questions that are not answered in the FAQ and that are not related to their study programme, can send an email to study@maastrichtuniversity.nl.  

Opening hours call centre for students
The call centre can be reached on working days from 8:30 until 17:00 at +31 43 38 85 388. 


Students and employees:
(Prospective) students and employees can reach us through the regular communication channels (please check the website of your own faculty, service centre or study programme for which you are applying). Students who have questions that are not related to their study programme, can send an email to study@maastrichtuniversity.nl.

UM press officer Fons Elbersen, +31 6 53944500.