Case Study: The University of Oklahoma strengthens account security with SpyCloud

OU Remediates 1,000 Exposed Email Accounts in Less than 24 Hours with SpyCloud

The University of Oklahoma (OU), a public research university with 80,000 active accounts, needed a better way to identify exposed student and staff credentials and reduce the risk of account takeover. Relying on open sources and third-party alerts left gaps, especially for exposures that were not publicly posted, and OU lacked the resources to manually investigate every incident. SpyCloud helped address this challenge with exposure data and an API that could be integrated into OU’s security workflows.

The University of Oklahoma implemented SpyCloud by connecting the SpyCloud API to its SOAR platform and internal Active Directory checks, using the data to automatically create tickets and compare exposed credentials against active accounts. With SpyCloud, OU processed more than 7,000 exposed emails in under 30 minutes, found over 1,000 password matches, and secured those accounts within hours. SpyCloud gave OU the automation and actionable data it needed to remediate faster with minimal resources.

The University of Oklahoma

Aaron Baillio

Deputy Chief Information Security Officer