Background
On Friday, January 26th, an article was published in a Norwegian newspaper claiming that there is a potential security issue in itslearning. The article implied that itslearning users were in particular danger of having their web cameras taken over by someone using a method called ‘phishing’. Read more about ‘phishing’ here. itslearning wants to give more thorough information about this, and what we have done, in the text below.
A few facts
Like many software applications, itslearning gives customers the ability to use an open web area. It has been used by teachers and students to upload files for learning purposes. We know that many of our users have appreciated this capability and have used it actively in the education process. We have never received a report that the open web area has been used in a negative way.
What we have done
Since phishing attempts use malicious code embedded in external files, we have chosen to block the ability to use files containing scripts in the open web area. This change was made only hours after the article was published, to guard against the potential of a student unknowingly opening a harmful file. We will continue the work to increase security on files stored on the open web files area in the coming days.
Consequences
Since we have blocked the ability to run all coded files in the open web area, these changes may feel limiting for those who have previously used this function in a constructive way.
Security in General
We would like to emphasise that at itslearning, we take the security of our platform extremely seriously. We use external security experts to regularly and rigorously test and evaluate the platform’s security.
We have millions of users across the globe – from nursery school to the university level – and we sometimes receive messages regarding possible security issues. These are always given the highest priority and investigated immediately.
Feel free to contact us
If you have questions, please contact our Global Support department at: [email protected]
