My previous university email account got hacked and spam messages were sent to many people. What should I do?

Contact tech support and let them know what happened. They can probably clean it up appropriately. The apology message might be better if it comes from them. In any case, ask them for advice.

Perhaps you need to pay more attention to passwords and watch out for phishing attacks.

The first step is to reset your password, not just on this account, but everywhere that you use the same password or have easy to guess passwords. Then contact your IT support for advice. They will handle the communication to your alumni. To avoid this, or something worse happening again I would recommend using a password management application, these do more than just store your passwords, they can also randomly generate complex passwords that you will never need to remember. Activate multi-factor authentication on every account that allows it. Search the Microsoft website on how to recover a hacked or compromised Microsoft account.

If you still have the list of recipients of those team invitations, consider sending a message to them immediately to warn them. Viewing or accepting such invitations could run the risk of getting a virus or revealing personal data on a phishing website. This is the case when every minute counts, since a warning is only good if the recipient sees it before opening the spam message.

Apology is generally a good idea, but in this case you actually shouldn't sound too apologetic. You don't want to sound guilty and make people assume this incident is your fault, when in fact it may be someone else's.

And make sure to resolve this quickly: either reset the password on the account if you still need it, or contact the IT and ask them to disable it. An apology for the spam message followed by more spam doesn't look good.