Summary: Tired of manual threat hunting? See how Vilnius Tech automated it with NordStellar and, as a result, stopped 15 cyber-attacks in less than a year.
How does a lean team of 5 security specialists protect a sprawling campus of over 8,500 students and staff? For Vilnius Gediminas Technical University (Vilnius Tech), the second-largest university in Lithuania, the hunt for data leaks was a frustrating manual slog. The team spent valuable time combing through Telegram channels, trying to spot threats among endless noise and ads.
Vilnius Tech traded that manual work for NordStellar's automated alerts, a switch that saves them over an hour weekly. More importantly, it has allowed them to stop 15 cyber-attacks before they could even start, giving them a proactive defense against account takeovers and data breaches.
Before using NordStellar, the time-strapped Vilnius Tech IT team spent many hours manually hunting down data leaks. They had to dig through sources like Telegram channels, a slow process often filled with useless or false information.
This manual approach also meant they could only check a fraction of the potential sources. It was impossible to manually track the thousands of dark web forums, hacking communities, and ransomware blogs that NordStellar continuously monitors.
The university needed a way to get clear, actionable intelligence on leaked credentials, especially since many students and professors use personal devices with university accounts, creating a significant visibility gap. Justinas Rastenis, Head of the IT Department, explains:
"I used to waste so much time manually searching for leaked accounts in Telegram channels. They were just full of fake information and ads. Every little thing we needed to find took up valuable time for both me and my colleagues."
Vilnius Tech switched to NordStellar’s threat exposure management solution to replace the slow, manual threat hunting work. The setup was incredibly fast— the IT team immediately started monitoring the university’s domains and the personal phone numbers of key executives on the dark web.
NordStellar's clear and informative dashboard provided immediate value, turning a reactive process into a proactive security strategy.
"Finding a breach early makes all the difference. We can now catch threats at the very beginning, block them instantly, and protect our students, employees, and the university's reputation."
With NordStellar's Data breach monitoring, Dark web monitoring, and Account takeover prevention, the IT team receives instant alerts when user credentials are leaked. This allows them to act fast, immediately blocking accounts and forcing password resets to stop attackers before they can do more damage.
The platform also helps the IT team identify which users have been infected with information-stealing malware. It works by monitoring the dark web for logs of stolen data created by this type of malware. When NordStellar finds an employee's data within one of these logs, it sends an alert about which device has been compromised. This allows Vilnius Tech to warn the affected user, who can secure their device and prevent more accounts from being exposed.
“With NordStellar, we saw leaked credentials of some users. We moved quickly to block accounts and reset passwords. It helped us reduce cyber risks before attackers could take advantage.”
NordStellar gave Vilnius Tech visibility into threats that were previously out of reach, especially those tied to personal devices. One critical use case was protecting senior leadership: the phone numbers of deans, vice-rectors, and IT staff were added to monitoring.
This proactive step helps shield the university’s most important people from targeted attacks, protecting both their personal information and the institution’s reputation.
“We added the personal phone numbers of vice-rectors, deans, and IT staff to the monitoring list. That way, we can spot leaks early and protect personnel with privileged access to sensitive university systems and data.”
Since adopting NordStellar, Vilnius Tech has intercepted 15 cyber incidents before they could escalate. By catching threats in their earliest stages, the university avoided disruptions that could have lasted weeks.
Automation now saves the IT team over an hour weekly, cutting out manual threat hunting and giving them more time to focus on strategic priorities.
“NordStellar helps in the first steps of an attack. If something happens, we block the account immediately. This year, we stopped 15 attacks early and kept the university safe.”
For a large university with a lean IT team, NordStellar offered the perfect blend of automation, visibility, and ease of use. The platform helps monitor over 8,500 Vilnius Tech student and staff accounts for leaked credentials and data breaches, providing early warnings of threats.
NordStellar is now an indispensable part of Vilnius Tech's security framework. It allows the university to protect its reputation and data without adding significant operational overhead.
"We see it from a bigger perspective than just saving time. The real value is that NordStellar prevents the kinds of cyber-attacks that could impact our entire university."
Justinas Rastenis shares these security insights for other organizations:
For Vilnius Tech, the days of manually hunting for threats are over. By partnering with NordStellar, their lean IT team now proactively protects over 8,500 users, stopping more than cyber-attacks with automated, early-warning alerts.
Ultimately, NordStellar delivers the peace of mind that comes from knowing the university's data and reputation are secure, all without adding more work to the Vilnius Tech IT team's plate.
Worried about the threats you can't see? See how NordStellar can bring them into the light. Contact our sales team to check your organization’s cyber risk score.
Joanna Krysińska
Senior Copywriter
A writer, tech enthusiast, dog walker, and amateur pastry chef, Joanna grew up in a family of engineers and mathematicians, so a techy mind is in her genes. She loves making complex tech topics less complex and digestible. She also has a keen interest in the mechanics of cybercrime.
