Breaking News
More () »

Columbus school gets 'Zoom bombed' with pornographic video

On Wednesday, officials at St. Mary School in German Village say someone posed as a student to disrupt several Zoom classes, using inappropriate language and showing a pornographic video.

COLUMBUS, Ohio — It's one of the most popular online video conferencing platforms across the globe, and Zoom is getting a lot of usage right now, including by central Ohio schools.

But technology is not without its issues, and St. Mary School in German Village discovered that this week.

On Wednesday, school leaders say someone disrupted several classroom sessions. They documented the problems in several notes of correspondence to parents they also shared with 10TV.

One letter detailed the following:

1. Inappropriate Language was used in the chat of the classrooms and over voice audio. The teacher immediately muted and the classroom and ended class.

2. A pornographic video was shared with a small group of students conducting question and answer time with the teacher. The teacher immediately stopped the video being shared.

3. The person or persons conducting these inappropriate acts is using the names of our students to pose as a student and gain access to the Zoom classroom.

The assistant principal wrote that he was "livid" and "sickened" that someone would use a valuable learning tool during a national emergency to hurt children.

School leaders say they learned someone got access to a student password and gained access to the Zoom meeting, posing as a student. All Zoom sessions were then canceled on Thursday. All but the 8th-graders were back on the platform by Friday.

The principal wrote to parents:

"We were able to recover the video of the perpetrator making inappropriate comments in the eighth grade religion classroom. I have watched the video numerous times, and I have picked up that it appears that some of the students in the video either a) know who the perpetrator is or b) knows how the perpetrator learned the credentials (student name and password) to gain access to the classroom.

Because the perpetrator knew the Zoom meeting ID, password, and name of student in the room, I do not believe that this was not a random Zoom 'bombing'. I do not believe that the perpetrator was one of our students, but I think that the students know more than they have shared with us, which is where we need your help.

Please explain to your child that this is not a Saint Mary School level discipline issue. Because one incident involved a threat and another incident involved pornography, we reported this to the Columbus Police Department and the diocese who will be reporting it to the FBI."

Columbus police did confirm a call to the radio room Wednesday night that involved a threat made against a student. An FBI spokesman says his agency had not yet been contacted.

Of course, St. Mary is one of many Central Ohio schools using Zoom to help with virtual learning right now.

10TV checked in with several local districts. Hilliard and Newark also use Zoom. Reynoldsburg uses both Zoom and Google platforms. Westerville uses Google platforms, and Dublin uses both Google and Schoology. Columbus City Schools use WebEx.

"People are just trying to get something to work so quickly that they haven’t assessed any of the potential downsides," said Matthew Curtin, founder of Interhack, which focuses on cyber security and forensic data analysis. "If they’ve focused so heavily on ease of use, what are they trading off? They’re probably trading off security."

Curtin warns against downloading and using technology without fully investigating its privacy and security.

"It’s not necessarily a Zoom problem, per se, but it’s a lack of thought or a lack of attention to the security and the privacy consequences," he said. "Just downloading software, installing it and running it, never reading anything about it, that’s crazy."

Technology leaders at The Ohio State University have been focused a lot on online security recent move to solely virtual learning.

"Our tools go through a pretty rigorous security, privacy, legal review, so all of the tools we use have come through a rigorous process where faculty have looked at a number of different tools and made a recommendation about what we should use, and then we look at legal, privacy, security concerns and ensure that it operates in a way that is consistent with the values and the requirements that we have as an institution," said Liv Gjestvang, associate vice president for learning technology at OSU.

Zoom has seen a surge of usage on the campus this semester. In the two weeks following Spring Break, OSU's Zoom account hosted 90,887 Zoom meetings, averaging 8677 meetings per day and 45,444 meetings per week.

Of those, around one-dozen sessions had some sort of Zoom disruption, which Gjestvang says officials take very seriously. Those that involve harassment or discrimination are reported to the Office of Institutional Equity.

"To me, there’s no number that’s acceptable, it’s absolutely unacceptable, but considering the number of meetings that we’ve had and the scale at which this tool is operating, I think that dozen or so, I’m incredibly glad that we haven’t seen more, and we are doing, we are working very proactively to ensure that safety and security settings are being used and practiced in the best possible ways by our community," Gjestvang said.

She says Zoom has been responsive to suggestions and has been quick to make changes when security issues arise.

And she and Curtin both say there certainly ways for users to improve security on their own, including not sharing meeting links or passwords and employing the 'waiting room' feature.

Those are things St. Mary already was doing, according to school officials. But they are working on adding even more security measures to avoid any other inappropriate disruptions.

Before You Leave, Check This Out