study at home

Facing Coronavirus Growing Pains, California School Districts Confront Cybersecurity Breaches

In Berkeley, administrators are addressing an explicit “Zoombombing” incident as Oakland acknowledges a public leak of Google Classroom sites and Zoom meeting passwords.

School districts in Oakland and Berkeley have struggled with cybersecurity incidents in the past month, demonstrating the massive learning curve that administrators have been on to meet demands for remote learning during the COVID-19 pandemic.

With schools closed due to coronavirus concerns, many classes have been meeting via teleconference software like Zoom or sharing class materials through platforms like Google Classroom.

Oakland schools discovered a student privacy breach after administrators accidentally made hundreds of access codes and passwords used by teachers for online classroom meetings and video conferences public, The San Francisco Chronicle reported. With online trolls using social media and messaging tools to coordinate harassment campaigns in virtual classrooms, the breach could lead to disruption of classes with obscene language and images.

The Chronicle informed the district that their documents, featuring Google Classroom sites set up by teachers across the districts and access information to Zoom meeting rooms for teachers and students, were easily available online. The codes allowed anyone with a Gmail account to join the Google Classroom site and see students’ full names and comments posted on the site, according to the Chronicle.

Read More: New York City Bans Schools From Using Zoom Following Harassment Campaigns Targeting Classrooms

Oakland administrators removed the documents on April 8 and worked to lock down the classroom sites to not be available to users who are not students or staff. District spokesman John Sasaki said that the district was not aware of any breaches in its online platforms as a result of the information leaking online.

“This is all part of this new reality that we’re all experiencing now,” Sasaki said, according to EdSource. “We’ve made it very clear that anything that faces the public should have just the bare minimum of information. When it comes to codes and passwords, those should be sent via email, text message, or in a Google doc shared just with the class.”

A Berkeley high school class was victim to “Zoombombing,” the practice of internet trolls gaining access to classrooms or meetings and disrupting them with obscene images or language.

In the case of the Berkeley teacher, a man gained access to a Zoom meeting with students despite the teacher following proper security measures, such as setting a password and not sharing the link publicly. But the disruptor still managed to get in, exposing himself and shouting obscenities before the teacher was able to kick him out of the virtual classroom, the Chronicle reported.

Berkeley Superintendent Brent Stephens said it is likely that a student cut and pasted the access information to the meeting online, allowing a would-be predator to find it. The intruder also used a pseudonym that matched a student’s first name, reflecting the sophistication of predators coordinating virtual attacks on classrooms.

“We’re all kind of learning about the world that we’re in,” Stephens said, adding: “We’re being asked to sustain student learning while they’re at home and using technology to do it and just stumbling through these issues.”

Police are investigating the incident, which was disclosed to parents last Wednesday. The district has suspended holding virtual classrooms until it can figure out a solution with Zoom, which has vowed to take more action to protect users from intruders. Stephens hopes to restore teleconferencing this week with additional security practices, he told the Chronicle.

“It’s just heartbreaking hearing stories from parents that their kids aren’t getting out of bed until 11 in the morning and are displaying symptoms of depression,” Stephens said. “And [Zoom] was alleviating some of that.”

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.


  • California School District Modernizes Surveillance System

    i-PRO Co., Ltd. (formerly Panasonic Security), a provider of professional security solutions for surveillance and public safety, recently announced that the Murietta Valley Unified School District (MVUSD) in Riverside County, CA, has undertaken a project to modernize its first-generation surveillance system to new high-resolution i-PRO network cameras, and the i-PRO Video Insight video management system (VMS). Read Now

  • RAD Makes History with First Robotic Dog Deployed to Taylor Police Department

    Robotic Assistance Devices, Inc. (RAD), a subsidiary of Artificial Intelligence Technology Solutions, Inc., recently announced that it has delivered a RADDOG LE to the Taylor, Michigan Police Department. The delivery of RADDOG LE to the Taylor Police Department marks a historic moment in the integration of technology within law enforcement. This milestone underscores RAD’s commitment to revolutionizing the landscape of security and public safety through cutting-edge AI-powered, robotic solutions. Read Now

  • Passing the Test

    The discussion about secured access and access control for higher education and K-12 is continuously expanding and evolving. That is a good thing. The more knowledge we gain and the more solutions that become available, linked and interoperable, the better and higher the level of security and safety. Read Now

  • Driving a Major Shift

    One of the driving forces for change has been the high demand for unified solutions. Users are asking their vendors for a way to manage all their security systems through a single interface, from a single pane. This has led to a flurry of software development to seamlessly integrate access control systems with video surveillance, intrusion detection, visitor management, health monitoring, analytics with artificial intelligence (AI), and more. Read Now