IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

K12 SIX Debuts Free Tool for Finding Compromised Accounts

Created in partnership with Identity Automation, a scanning and reporting tool on the nonprofit's website helps schools flag user credentials on their network that have appeared in data leaks.

Identity and Access Management
The cybersecurity nonprofit K12 Security Information eXchange (K12 SIX) launched a free tool on its website this week for schools to identify and secure user accounts whose passwords have appeared in data breaches.

According to a news release, K12 SIX enlisted the help of identity management software company Identity Automation to create the scanning and reporting tool that can assess whether names and email addresses in a school district's user account have also been associated with a compromised account on some other platform or website. For example, if a teacher's school login used the same credentials as their personal Facebook account, and that account was compromised in a publicly disclosed data breach, K12 SIX's scanning tool would flag it. The news release said the tool lets users know how many exposures an account or domain has, the number of breaches an account has been involved in and how many days have passed since the last exposure.

The launch of the tool coincides with high levels of concern among K-12 leaders about ransomware attacks, data breaches and unauthorized network access through district accounts, and as schools increasingly digitize instruction for hybrid learning options.

"Since announcing the partnership between our two organizations in January 2022, the new tool marks the latest collaboration that aims to enhance K-12 cyber resilience amid ever-growing attacks," Identity Automation CEO Jim Harold said in a public statement. "Identity Automation's longtime expertise in [identity account management] pairs well with K12 SIX's overarching mission to enhance cybersecurity in the community — arming schools with an easily used tool that generates a simple report. It illustrates the need for a strong, continuous IAM solution that serves a key role in the overall cybersecurity posture for any district. This brings ever-valuable visibility into weak spots that could lead to costly ransomware attacks."

According to the news release, Identity Automation will exhibit the new tool at K12 SIX’s inaugural National K-12 Cybersecurity Leadership Conference from Feb. 22-23, 2023, in Austin, Texas.

"The abuse of compromised educator and staff accounts are among the most frequent ways that school districts are victimized by cyber attacks," Doug Levin, national director at K12 SIX, said in a public statement. "Given that securely and efficiently managing educator, staff and student accounts remains a challenge for too many school districts, we appreciate the opportunity to shine a light on this vital issue and highlight common-sense solutions."