LOS ANGELES (CBSLA) — Parents, students and board members were on a video conference call Tuesday night when hackers took over and posted lewd and racist content.
“It was scary, to be honest with you,” Megan Goebel said. “You just didn’t know what was going to pop up next.”
Goebel, a mother of two, was watching her local school board meeting on Zoom when a group of unidentified people joined the video conference call.
“First they just said stuff like, ‘We’re just here to talk about racism,'” she said. “And then the screen started flashing things like swastikas and pornography.”
The hackers were able to gain control of the computer screen and started targeting the school board members.
“So they would say somebody’s name, and then they would say, ‘You know, if we were able to get in our your call, we can find out where you live. We can come to your house and do things to your kids.'”
Conejo Valley Unified School District had publicized the link to the Zoom video conference online so anyone in the public could watch the board meeting, but they fell victim to “Zoombombing.”
Ian Sherr with CNET said “Zoombombing” is very easy.
“They log on like the rest of us, usually to an open Zoom link, and they will either share their screens and have something like pornography on there or they will post a bunch of comments,” he said.
The University of Southern California fell victim to “Zoombombing” on Tuesday as well.
In a message to students, the university wrote that someone shared “racist remarks and lewd images on screen” during an online course.
In a follow-up email, the university told students that the IT department put new safeguards in place to prevent it from happening again, including putting anyone without USC credentials into a digital waiting room where the host can decide whether to let them into the video conference.
“The best thing you can do is control who’s coming into your conference call, by setting up a password or only giving out the link to specific people,” Sherr said.
Conejo Valley said it was working with law enforcement and Zoom to find out how the hackers gained access to the monitor and how they could prevent it from happening again.
The district also said that Zoom conferences with teachers were not advertised to the public, like the school board meeting, so it would be much harder for hackers to get into the call.