Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.

Education Scotland order hard reset on school social networking app following major security breach

Post Thumbnail

Education Scotland is facing “very difficult questions” after being forced to order a hard reset of all passwords across its national digital learning platform following a major security breach.

An email distributed to headteachers and seen by The Courier has revealed how management called for all log-ins to be scrapped after it emerged children had been encouraged in schools to share credentials with their parents.

It means unauthorised could have gained access to applications such as Yammer, a social networking tool that allows every school child in Scotland – and by extension anyone with access to their log in details – to privately send messages to one another.

Calls for “urgent review” after bosses pull plug on Yammer app over inappropriate content

The service, which is hosted on the Glow learning platform, also allows users, regardless of whether they go to the same school, to view each other’s full name, school, interests, friends and email address.

Access to the app was locked down temporarily after an investigation by The Courier revealed how the Scottish Government’s own impact report had concluded it was vulnerable to individuals looking to find children and “do them harm”.

Education Secretary John Swinney claimed last week the service was “closed to the general public” and had only ever been accessible to pupils and educators.

However, it has now emerged that was not the case.

In some instances, children as young as five years old were sent home with strips of paper containing log-in details to give to their parents.

John Swinney speaks at Harris Academy in Dundee.

The Scottish Government’s own Parentzone website advised as recently as June 10 that the service could be accessed using the pupil’s username and password, “and parents can access their child’s and school’s Glow pages by using the same information”.

The information has since been removed.

Educators were made aware of the need to reset all credentials on the system late last week but it is understood families have still not been warned of the potential security breach.

Scottish Labour education spokesman Iain Gray said it was the latest in a series of “very worrying internet safety blunders” by the Scottish Government.

“John Swinney said last week that the Yammer app was closed to the general public, but it now emerges that potentially thousands of adults had access to the site and were able to send private messages to schoolchildren across Scotland,” he said.

“The question now is did Mr Swinney mislead the public or was he simply unaware of what was going on inside his own department?

“Parents are rightfully concerned about their children’s internet safety, but one place they should have confidence in is a Scottish Government approved app for schools.”

Scottish Labour’s education spokesperson Iain Gray MSP

Scottish Conservative education spokeswoman Liz Smith said it was a “glaring failure” that will “cause huge concern to parents”.

She added: “The SNP government and Education Scotland have got themselves into a huge mess with this, and have some very difficult questions to answer.”

Andy Burrows, NSPCC associate head of child safety online, said there were “clear safeguarding issues” around Yammer’s adoption by education bosses.

He added: “It’s vital that the Scottish Government and Education Scotland look at the risks involved in giving children access this app to ensure that they are not putting themselves in danger, and that safeguarding risks have been resolved.”

Nicola Sturgeon pledges “proper review” into security fears on school social networking app Yammer

An Education Scotland spokesman said: “When we were made aware of erroneous advice in relation to use of accounts by parents it was decided, with local authorities, to refresh existing passwords for students using Glow.

“Steps have also been taken to ensure local authorities’ websites are providing the right advice locally.

“As Education Scotland does not hold the contact details of parents, informing them of the decision to reset passwords for students using Glow has to be an action for the relevant local authority.”