Seesaw, a school-family communication app with 10 million users, was hacked late Wednesday in a credential stuffing attack that resulted in links to an explicit meme image being sent to parents and educators, according to product status updates from the company.
The messaging tool was turned off temporarily while Seesaw investigated the incident, which occurred after an “isolated number” of accounts were compromised. In a credential stuffing attack, hackers comb through prior data breaches to identify username and password combinations that may work on other platforms. To lessen the risk of such an incident, cybersecurity experts recommend never reusing the same passwords across multiple accounts.
Vice reports that the bit.ly links circulated to users contained “goatse,” an infamous meme image of a man engaged in an explicit act. According to NBC News, the hack affected school districts in Illinois, New York, Oklahoma and Texas.
In addition to resetting the passwords of accounts compromised in the attack, Seesaw said it will scan databases of known compromised passwords, reset those that users may have reused on its platform, and notify those users. It has also removed the link from messages that contained it and will continue to monitor and investigate the situation, the company said.
Seesaw said there is no evidence suggesting the attacker accessed data or conducted other malicious acts on its platform beyond logging into the affected accounts and sending the malicious link.
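One way a service could run the kind of scan for reused, known-compromised credentials described above is sketched here as an added example, not Seesaw's code. The PBKDF2 storage scheme, the function names, and the sample accounts and breach pairs are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256, standing in for the service's real scheme."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_user(password: str) -> dict:
    """Build a stored account record; the plaintext is never kept."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "must_reset": False}


def find_reused_credentials(users: dict, breach_pairs: list) -> list:
    """Flag accounts whose current password matches a leaked (username, password) pair.

    The leaked password is re-hashed with the account's own salt, so the
    comparison works without the service ever storing plaintext passwords.
    """
    flagged = []
    for username, leaked_password in breach_pairs:
        key = username.strip().lower()          # breach dumps vary in case and spacing
        record = users.get(key)
        if record is None or record["must_reset"]:
            continue                            # unknown account or already flagged
        candidate = hash_password(leaked_password, record["salt"])
        if hmac.compare_digest(candidate, record["hash"]):
            record["must_reset"] = True         # force a reset at next login, then notify
            flagged.append(key)
    return flagged


# Constructed sample data: three accounts and four leaked pairs.
USERS = {
    "parent@example.com": make_user("Summer2021!"),
    "teacher@example.com": make_user("c0rrect-horse-battery"),
    "admin@example.com": make_user("unique-per-site-9fd2"),
}
BREACH_PAIRS = [
    ("Parent@example.com ", "Summer2021!"),   # password reused on this service
    ("teacher@example.com", "oldpassword1"),  # leaked elsewhere, not reused here
    ("stranger@example.com", "hunter2"),      # no such account
    ("parent@example.com", "Summer2021!"),    # duplicate entry in the dump
]

if __name__ == "__main__":
    print(find_reused_credentials(USERS, BREACH_PAIRS))
```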
The Seesaw hack comes roughly a week after a joint school cybersecurity warning from the FBI, the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center regarding a hacker group known as Vice Society that has disproportionately targeted the education sector with ransomware attacks since summer 2021.
The hacker ring claimed responsibility for last week’s ransomware attack on Los Angeles Unified School District, which took down multiple district IT systems. Board members have since voted to give Superintendent Alberto Carvalho emergency powers to shore up the district’s cybersecurity measures, LAist reports.
In response to the Los Angeles cyberattack, groups including the Consortium for School Networking, State E-rate Coordinators' Alliance, State Educational Technology Directors Association, and the Schools, Health & Libraries Broadband Coalition called for federal E-rate funding to be expanded to cover cybersecurity services.