US school app accounts hacked to send explicit image
- Published
Parents in the US have reported receiving a notorious explicit image after hackers targeted a school app with 10 million users including teachers, students and family members.
There were many reports from schools and teachers of the image being sent from hacked accounts on the Seesaw app.
Seesaw said that a link to an "inappropriate image" was shared and it had taken action to stop the issue.
The graphic image is a highly explicit internet meme intended to shock.
Somebody who works with teachers and pupils told Seesaw via Twitter: "You have a hack in messages that's allowing an inappropriate picture to be shared with families and teachers across multiple districts. Please take action!"
Allow Twitter content?
This article contains content provided by Twitter. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. You may want to read Twitter’s cookie policy, external and privacy policy, external before accepting. To view this content choose ‘accept and continue’.
In its statement, Seesaw denied that hackers had gained administrative access but had instead hacked "isolated" individual accounts.
It shared more detail about the attack and what it did in response on a status page.
"Widely available compromised emails/passwords that were reused across services were used to gain unauthorised access to Seesaw accounts," it said., external
Some parents told US media of their horror when the image appeared in group chats.
The head of one school in Milwaukee warned parents not to blame those who appeared to have sent the message.
"While specific parent names were attached to these messages," the school's statement said, "we know that these parents were not involved."
Seesaw said in response to the incident it had:
completely disabled the messaging feature to stop additional users seeing the inappropriate message
removed the inappropriate message from accounts to which it was sent
reset the passwords of all compromised accounts and notified users
Many schools sent out warnings about clicking on links obscured by bit.ly - a link shortening service.
Seesaw said it had worked with bit.ly to disable the links.
Related topics
- Published1 September 2022
- Published16 August 2022