Cyber Incident Victim: Oberlin Magnet Middle School
Date:
Aug 2020
Location:
United States of America
Summary
A virtual class at Oberlin Magnet Middle School was disrupted when unauthorized individuals accessed the session through publicly shared Google Meet links, displaying inappropriate content and using offensive language directed at students and teachers. Similar incidents occurred at multiple North Carolina schools, including intrusions where non-students yelled obscenities or shared explicit material during online lessons. The Wake County Public School System attributed the breaches to improperly distributed meeting links and implemented measures to restrict access, while other affected districts investigated and notified parents. In one case, two students involved in a separate disruption were identified and their families contacted.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In August 2020, multiple North Carolina school districts experienced disruptions to virtual learning sessions, including an incident at Oberlin Magnet Middle School on August 18 (reported as occurring on a Tuesday). Intruders gained unauthorized access to virtual classrooms hosted on Google Meet, where they used offensive language, insulted students and teachers directly, and displayed inappropriate content. The Wake County Public School System attributed the breaches at Oberlin Magnet Middle School and Millbrook Magnet High School to publicly accessible links to the Google Meet sessions, which allowed individuals outside the intended classes to join. At Millbrook Magnet High School, at least 20 staff members reported disruptions during live instruction earlier that week, with two students later identified as participants; their parents were notified. Similar incidents occurred at Lee County High School in Sanford on August 17, where a non-student account shared inappropriate content before being quickly removed by the teacher, and at Southeast Middle School in Kernersville during a virtual art class, where an unidentified participant yelled obscenities.
School districts implemented immediate containment measures, including removing unauthorized participants and restricting the sharing of virtual classroom links to enrolled students only. Wake County officials confirmed they were taking steps to prevent future incidents by ensuring links would not be disseminated beyond class members. Winston-Salem/Forsyth County Schools launched an investigation into the Southeast Middle School disruption and notified parents. The North Carolina Department of Information Technology’s Chief Risk and Security Officer, Maria Thompson, publicly advised schools to avoid publishing passwords, vet participants, refrain from reusing passwords, and distribute credentials only to authorized individuals. These disruptions highlighted vulnerabilities in the hastily implemented virtual learning systems during the COVID-19 pandemic, directly impacting instructional continuity and student safety across multiple districts. No long-term technical consequences or system compromises were reported beyond the immediate classroom intrusions and behavioral incidents.