study at home

Facing Coronavirus Growing Pains, California School Districts Confront Cybersecurity Breaches

In Berkeley, administrators are addressing an explicit “Zoombombing” incident as Oakland acknowledges a public leak of Google Classroom sites and Zoom meeting passwords.

School districts in Oakland and Berkeley have struggled with cybersecurity incidents in the past month, demonstrating the massive learning curve that administrators have been on to meet demands for remote learning during the COVID-19 pandemic.

With schools closed due to coronavirus concerns, many classes have been meeting via teleconference software like Zoom or sharing class materials through platforms like Google Classroom.

Oakland schools discovered a student privacy breach after administrators accidentally made hundreds of access codes and passwords used by teachers for online classroom meetings and video conferences public, The San Francisco Chronicle reported. With online trolls using social media and messaging tools to coordinate harassment campaigns in virtual classrooms, the breach could lead to disruption of classes with obscene language and images.

The Chronicle informed the district that their documents, featuring Google Classroom sites set up by teachers across the districts and access information to Zoom meeting rooms for teachers and students, were easily available online. The codes allowed anyone with a Gmail account to join the Google Classroom site and see students’ full names and comments posted on the site, according to the Chronicle.

Read More: New York City Bans Schools From Using Zoom Following Harassment Campaigns Targeting Classrooms

Oakland administrators removed the documents on April 8 and worked to lock down the classroom sites to not be available to users who are not students or staff. District spokesman John Sasaki said that the district was not aware of any breaches in its online platforms as a result of the information leaking online.

“This is all part of this new reality that we’re all experiencing now,” Sasaki said, according to EdSource. “We’ve made it very clear that anything that faces the public should have just the bare minimum of information. When it comes to codes and passwords, those should be sent via email, text message, or in a Google doc shared just with the class.”

A Berkeley high school class was victim to “Zoombombing,” the practice of internet trolls gaining access to classrooms or meetings and disrupting them with obscene images or language.

In the case of the Berkeley teacher, a man gained access to a Zoom meeting with students despite the teacher following proper security measures, such as setting a password and not sharing the link publicly. But the disruptor still managed to get in, exposing himself and shouting obscenities before the teacher was able to kick him out of the virtual classroom, the Chronicle reported.

Berkeley Superintendent Brent Stephens said it is likely that a student cut and pasted the access information to the meeting online, allowing a would-be predator to find it. The intruder also used a pseudonym that matched a student’s first name, reflecting the sophistication of predators coordinating virtual attacks on classrooms.

“We’re all kind of learning about the world that we’re in,” Stephens said, adding: “We’re being asked to sustain student learning while they’re at home and using technology to do it and just stumbling through these issues.”

Police are investigating the incident, which was disclosed to parents last Wednesday. The district has suspended holding virtual classrooms until it can figure out a solution with Zoom, which has vowed to take more action to protect users from intruders. Stephens hopes to restore teleconferencing this week with additional security practices, he told the Chronicle.

“It’s just heartbreaking hearing stories from parents that their kids aren’t getting out of bed until 11 in the morning and are displaying symptoms of depression,” Stephens said. “And [Zoom] was alleviating some of that.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • How Emerging Technologies are Transforming the School Security Landscape

    Students can't focus on learning when they're worried about their safety. As education systems nationwide face evolving security challenges with limited resources, a new generation of integrated technology solutions is helping schools create safer environments while maximizing staff efficiency. Read Now

  • How to Harness ALPR for Greater Security Efficiency and Collaboration

    Within higher education campus environments, the demand for greater security, efficiency, and resources is ever-present. Many higher education teams are adopting advanced technologies to secure their campus, streamline operations, and continue to best serve their students and faculty. Automatic license plate recognition (ALPR) technology stands out for its ability to meet a wide range of campus objectives. Read Now

  • Using Emerging Technologies to Address Healthcare Staffing, Workplace Violence Issues

    The healthcare industry consistently adopts new technology to address challenges across all of its sectors. Many of the emerging technologies that are available today are being applied to optimize workflow. To enhance their operational efficiency, hospitals and other healthcare providers typically embrace emergent technologies to streamline tasks in patient care, administration, and, of course, security. Read Now

  • Let's Be Clear: Why Campus Security Cameras Need Regular Maintenance

    Universities invest in security camera systems, expecting them to provide clear, reliable footage to help protect students, faculty, and staff. These cameras are strategically placed across campus—monitoring entryways, dormitories, parking lots, stadiums, bookstores, and common areas—as both a deterrent to crime and a valuable tool in incident investigations. Read Now