Has Seesaw been hacked?

Share this with your friends, family and colleagues

You may have heard about a recent cyberattack on the popular school platform, Seesaw. While there was misconception over whether this applied only to the United States, we have received reports that schools across the UK have been affected by this attack.

What happened?

In an official statement released by Seesaw CEO Adrian Graham, he acknowledged that:

“Late on September 13, individual Seesaw users were subjected to a coordinated ‘credential stuffing’ attack. Some of the compromised accounts were used to send a message with a link to an inappropriate image. Less than 0.5% of users were affected.”

What is ‘credential stuffing’?

The National Cyber Security Centre (NCSC) defines credential stuffing as taking “advantage of people reusing username and password combinations across different accounts. By fraudulently gaining valid combinations for one site, and successfully using them on other sites an attacker can access legitimate accounts. The primary motivation is financial, but it can lead to identity theft.”

Essentially, if someone obtains a username and password that has been reused on multiple platforms, they can attempt to gain access to those platforms by using the username/password combination.

What actions have Seesaw taken?

1. Disabling the messaging feature to ensure the inappropriate message cannot be sent. Note: As of September 15th, in-platform messaging has been fully restored.
2. Notifying and securing all compromised accounts by proactively resetting passwords and prompting users to set a new and different password.
3. Removing the message from all accounts as well as coordinating with Bit.ly and AWS to make sure the inappropriate image is no longer present.
4. Sharing new information promptly by providing status updates coordinated with security officials to notify all customers and users.

Should I be worried?

No, you should not be worried. Seesaw has sought to reassure its users that the platform “is safer, and the attack has been shut down.” The platform was not compromised and additional safety measures have been put in place to prevent further attacks.

What can I do?

If you are a Seesaw user, we would strongly advise that you:

Create a new password. Make sure it is strong and secure – remember, ‘longer is stronger’! We recommend three random words that are unique to you that you will remember.
Check its strength. You can see how strong your password is by using this helpful tool.
Search for yourself. Make sure sure any other passwords you may use have not been compromised by checking here.
Talk about online security. Discuss the importance of strong passwords with the children and young people in your care. You can also utilise our resources to help.