Cyber Incident Victim: Sports club in Plymouth
Date:
May 2020
Location:
United Kingdom
Summary
A hacker infiltrated a children's online fitness class hosted by a Plymouth sports club via Zoom, streaming child sexual abuse footage to approximately 60 young participants after accessing publicly shared call details. The incident caused significant distress, prompting a police investigation in collaboration with local safeguarding teams to identify affected individuals and provide support. Authorities urged witnesses or victims to contact them while emphasizing the importance of securing digital platforms to prevent such breaches.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 5, 2020, during a Zoom-hosted online fitness class organized by a Plymouth-based sports club, an unidentified hacker infiltrated the session and streamed child sexual abuse material to approximately 60 participating children. The intrusion occurred after the virtual meeting’s access details were publicly shared across online forums, enabling the attacker to bypass security measures. Devon and Cornwall Police confirmed the broadcast contained "extremely distressing" content, causing immediate psychological harm to minors and caregivers present. Authorities characterized the act as a deliberate cyber intrusion targeting a vulnerable audience during COVID-19 lockdowns, when virtual interactions were prevalent. The sports club terminated the session upon detecting the breach, but the explicit material had already been visible to attendees. Investigators confirmed no prior threats or warnings preceded the attack, classifying it as an opportunistic exploit of insufficiently secured communication channels.
Law enforcement initiated a multi-agency response within 24 hours, collaborating with Plymouth City Council’s social care team to identify all exposed individuals and provide trauma support. Detective Inspector Lesley Bulley publicly urged affected families to contact police via email ([email protected]) or phone (101), referencing case number CR/035950/20, to facilitate victim identification and counseling coordination. Concurrently, Plymouth Safeguarding Children’s Partnership joined the investigation to assess long-term safeguarding implications. Cyber Protection Officer Grahame Mace emphasized the necessity of hardening device security settings to prevent similar breaches, though no technical specifics about the hacker’s tools or entry vector were disclosed. The NSPCC helpline was promoted as a resource for concerned adults, while investigators continued forensic analysis of forum activity to trace the perpetrator. No arrests or suspect details were released as of the initial report.