TCC (ASCENDER Programming Staff) has been notified twice in the past few weeks of employee accounts being compromised that resulted in a Gmail Account takeover.
Please share the following with appropriate district technology staff and other staff that have ASCENDER > Security Administration Access.
Information known from the security breach:
- The compromise originated from access to a Gmail account
- ASCENDER Banking information was altered as part of the unauthorized activity
- The affected users held privileged permissions, such as District Admin rights.
Immediate Recommended Actions:
Please conduct a review of all staff accounts with elevated permissions and ensure the following security measures are in place:
Do NOT save username and password to ASCENDER in your browser’s password manager. If you have them saved, our suggestion is to remove those saved credentials.
In ASCENDER > Security Administration - audit and verify all privileged accounts, especially those with District Admin access.
- Navigate to Security Administration > Manage Users - Click on advanced filters >Permission - select District Admin (this should also be done to determine who has security admin access) and then close the screen.
- Click find which will return results of the users and their associated roles. Use the results to determine which users and their associated roles need to be reviewed and changed.
- ASCENDER - Security Admin User Guide
Items to review with Technology Staff Specifically:
- Check Gmail account rules and forwarding settings for any unauthorized or unfamiliar entries.
- Ensure passwords for Gmail and ASCENDER are different — shared passwords significantly increase breach risk.
- Where possible, use a dedicated password manager instead of relying on Google Password Vault or other browser password managers.
- Enable Multi-Factor Authentication (MFA) for your Google tenant and any other systems that support it.