New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Seesaw Accounts Accessed and Used to Send Explicit Images to Parents of Students

The popular interactive learning platform Seesaw has suffered a breach according to reports. Numerous parents from all over the country have claimed to have received an explicit image that has made its rounds on the internet. With over 10 million users, it is unclear how many have been affected by the incident at this time. Seesaw claims that the threat actors behind the attack did not gain administrative access. Instead, the breach was due to individual accounts being accessed by way of credential stuffing. The links were sent to parents via Bitly, which shortens links and hides the actual address. Districts are warning parents to not open any links that come from Bitly for the time being. Other districts have even begun suspending the use of Seesaw as a whole.

Analyst Notes

Credential stuffing attacks typically happen as a result of credentials being accessed through other breaches. Threat actors look through the information in these leaks and attempt to identify combinations of usernames and passwords that will work with other accounts. It is recommended to not reuse passwords as it is much more difficult to become a victim of this style of attack. Parents who use Seesaw should avoid opening links of any kind at this time, even if it comes from someone considered to be trustworthy.