study at home

Facing Coronavirus Growing Pains, California School Districts Confront Cybersecurity Breaches

In Berkeley, administrators are addressing an explicit “Zoombombing” incident as Oakland acknowledges a public leak of Google Classroom sites and Zoom meeting passwords.

School districts in Oakland and Berkeley have struggled with cybersecurity incidents in the past month, demonstrating the massive learning curve that administrators have been on to meet demands for remote learning during the COVID-19 pandemic.

With schools closed due to coronavirus concerns, many classes have been meeting via teleconference software like Zoom or sharing class materials through platforms like Google Classroom.

Oakland schools discovered a student privacy breach after administrators accidentally made hundreds of access codes and passwords used by teachers for online classroom meetings and video conferences public, The San Francisco Chronicle reported. With online trolls using social media and messaging tools to coordinate harassment campaigns in virtual classrooms, the breach could lead to disruption of classes with obscene language and images.

The Chronicle informed the district that their documents, featuring Google Classroom sites set up by teachers across the districts and access information to Zoom meeting rooms for teachers and students, were easily available online. The codes allowed anyone with a Gmail account to join the Google Classroom site and see students’ full names and comments posted on the site, according to the Chronicle.

Read More: New York City Bans Schools From Using Zoom Following Harassment Campaigns Targeting Classrooms

Oakland administrators removed the documents on April 8 and worked to lock down the classroom sites to not be available to users who are not students or staff. District spokesman John Sasaki said that the district was not aware of any breaches in its online platforms as a result of the information leaking online.

“This is all part of this new reality that we’re all experiencing now,” Sasaki said, according to EdSource. “We’ve made it very clear that anything that faces the public should have just the bare minimum of information. When it comes to codes and passwords, those should be sent via email, text message, or in a Google doc shared just with the class.”

A Berkeley high school class was victim to “Zoombombing,” the practice of internet trolls gaining access to classrooms or meetings and disrupting them with obscene images or language.

In the case of the Berkeley teacher, a man gained access to a Zoom meeting with students despite the teacher following proper security measures, such as setting a password and not sharing the link publicly. But the disruptor still managed to get in, exposing himself and shouting obscenities before the teacher was able to kick him out of the virtual classroom, the Chronicle reported.

Berkeley Superintendent Brent Stephens said it is likely that a student cut and pasted the access information to the meeting online, allowing a would-be predator to find it. The intruder also used a pseudonym that matched a student’s first name, reflecting the sophistication of predators coordinating virtual attacks on classrooms.

“We’re all kind of learning about the world that we’re in,” Stephens said, adding: “We’re being asked to sustain student learning while they’re at home and using technology to do it and just stumbling through these issues.”

Police are investigating the incident, which was disclosed to parents last Wednesday. The district has suspended holding virtual classrooms until it can figure out a solution with Zoom, which has vowed to take more action to protect users from intruders. Stephens hopes to restore teleconferencing this week with additional security practices, he told the Chronicle.

“It’s just heartbreaking hearing stories from parents that their kids aren’t getting out of bed until 11 in the morning and are displaying symptoms of depression,” Stephens said. “And [Zoom] was alleviating some of that.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • CISA Releases Anonymous Threat Response Guidance and Toolkit for K-12 Schools

    The Cybersecurity and Infrastructure Security Agency (CISA) recently released the Anonymized Threat Response Guidance: A Toolkit for K-12 Schools, a new resource to help kindergarten through grade 12 (K-12) schools and their law enforcement and community partners create tailored approaches to addressing anonymous threats of violence, including those received on social media. The toolkit outlines steps school leaders can take to assess and respond to anonymous threats, better prepare for and prevent future threats, and work in coordination with law enforcement and other local partners when these threats arise. It is co-sealed with the Federal Bureau of Investigation (FBI), which provided expert feedback on the toolkit’s key principles and strategies. Read Now

  • How Hospitals are Using Modern Technology to Improve Security

    Workplace violence is a serious and growing challenge for many organizations — including those in the healthcare industry. According to the U.S. Bureau of Labor Statistics, workers in healthcare and social services experience the highest rates of injuries caused by workplace violence and are five times as likely to suffer a workplace violence injury than workers overall — and aggressive incidents are rising. Read Now

  • Father of Georgia School Shooting Suspect Charged in Connection With Attack

    Colin Gray, the father of the 14-year-old Georgia school shooting suspect, has also been charged in connection with the attack. The 54-year-old father was charged with four counts of involuntary manslaughter, two counts of second-degree murder and eight counts of cruelty to children. Read Now

  • Safeguarding Stony Brook University Hospital: HALO’S Commitment to Health & Safety

    The healthcare industry is experiencing an alarming escalation of violence, including an increase in threats against healthcare workers. As a result, it is looking for ways to be proactive and protect its staff and patients.  According to the Bureau of Labor Statistics,  the rate of injuries from violent attacks against medical professionals grew by 63% from 2011 to 2018 and hospital safety directors say that aggression against staff escalated as the COVID-19 pandemic intensified in 2020.      Read Now

Webinars