Schools have posted student photos online for decades. A named child in a school blazer, students grinning after a science fair win, photos captioned with their grade and their full name. It’s a way for the school to celebrate their student’s accomplishments. That practice just became a serious threat vector.

Experts from the UK’s National Crime Agency, the Internet Watch Foundation (IWF), and an advisory group called the Early Warning Working Group (EWWG) are now urging schools to pull those photos down. The reason is blunt: criminal actors are scraping school websites, running those images through AI deepfake tools, generating child sexual abuse material (CSAM), and then using that material to extort the schools and families involved.

This is not a theoretical future risk. It has already happened.

The Incident That Changed the Conversation

Late in 2024, an unnamed UK secondary school was contacted by blackmailers who had done exactly the above. The IWF reviewed the output, classified 150 images as CSAM under UK law, and generated digital fingerprints for each one so major platforms could detect and block any reuploads.

The IWF was clear that this was not viewed as an isolated incident. The EWWG stated publicly that it is “only a matter of time” before more schools face identical demands. UK safeguarding minister Jess Phillips described it as a “deeply worrying emerging threat.”

In February 2025, the UK became the first country to specifically ban AI tools designed to generate CSAM, a legislative move that acknowledged the scale of the problem before most of the public had registered it existed.

How the Threat Evolved to This Point

Sextortion is not new. The criminal playbook has been running for years: obtain intimate images, threaten to distribute them, demand payment. What changed is that attackers no longer need to obtain real intimate images.

The FBI’s Internet Crime Complaint Center logged more than 16,000 sextortion complaints in just the first half of 2021, with losses exceeding eight million dollars. By June 2023, the FBI was warning specifically that attackers had pivoted to using ordinary social media photos to synthesize fake explicit content and extort minors.

That pivot hit children hard. UK children’s counseling helpline Childline had already been handling sextortion cases involving minors who were manipulated into sharing real images of themselves. The more disturbing shift was children contacting Childline after being sent AI-generated CSAM of themselves, with no prior relationship with the attacker at all. One 15-year-old girl reported receiving a “really convincing” fake nude image built from her public Instagram photos.

In a November 2025 report, the IWF published data showing rising cases of AI-generated CSAM, climbing from 199 to 426 confirmed cases. Specifically, this data represented the period between January and October 2025 compared to the exact same period in the previous year. Girls accounted for 94 percent of victims. Reported cases included children ranging from newborns to two-year-olds.

The Infrastructure Behind It

This is not one person with a laptop. The ecosystem is industrial in scale. In April 2025, a researcher discovered an exposed AWS S3 bucket belonging to South Korean “nudify” application GenNomis. It contained 93,485 AI-generated images alongside the prompts used to create them. That is a production-scale operation, and it was left unsecured.

The tooling is accessible, cheap, and increasingly automated. The current situation still requires attackers to manually identify and scrape photos. The concern flagged by security professionals is that this manual step is the last friction point before the entire process becomes fully automated, enabling bulk scraping of school websites, social platforms, and club pages at scale.

What Schools Are Being Told to Do Right Now

The EWWG’s guidance covers several practical changes. Schools are advised to replace close-up, identifiable photos with images taken from a distance, or images shot from behind. Full names should be removed from captions. Existing image archives should be audited. Parents should be asked to re-sign consent forms with updated context about the risk.

The advisory group goes further than that. It is questioning whether schools need to publish photos of children at all.

Some institutions have already acted. Loughborough Schools Foundation, a group of three private schools sharing a website, removed recognizable pupil images entirely in the Autumn term of 2025.

The Legal Picture Is Messier Than It Should Be

In the UK, the Information Commissioner’s Office says it “would still generally expect you to offer an opt-out to parents” when publishing an identifiable photo of a child. But an opt-out is not legally the same as consent, which carries a higher threshold.

In the US, the framework is fragmented. Under the Family Educational Rights and Privacy Act (FERPA), schools typically classify identifiable student photos as directory information, a category that also includes names, addresses, telephone listings, dates of birth, and activity participation. Schools can publish directory information unless a guardian has specifically opted out, and the notification requirement may not extend indefinitely after a student leaves the school. That means photos and names can sit on school websites for years after families assume they have been removed.

The Regulatory Response Is Moving Fast

The UK government is amending the Crime and Policing Bill to require platforms to take down flagged intimate images within 48 hours or face fines equivalent to 10 percent of global revenue. Childline’s Report Remove service, which allows children to flag explicit images of themselves, took 394 blackmail reports from under-18s in the past year alone, up one-third compared to 2024.

These are meaningful enforcement mechanisms, but they are reactive by design. A 48-hour takedown window is genuinely fast for regulatory action. It is still 48 hours after the damage begins.

What Parents Can Actually Do

The most effective mitigation at the individual level is reducing the available attack surface. That means being deliberate about how many identifiable photos of a child are publicly accessible online. School websites are the obvious starting point, but the same logic applies to sports club sites, extracurricular group pages, church or community organization pages, and the child’s own social media accounts if they have them.

Parental social media behavior matters too. A parent who posts a public photo of their child at a school event, tagged with the child’s name and school, is contributing to the same pool of data attackers are scraping.

This is not about fear. It is about understanding that public photos of named children are no longer neutral data. The tools to weaponize them are cheap, accessible, and already in use.

The honest bottom line

The attack surface here was created by past decades of well-intentioned behavior: schools celebrating their students publicly, parents sharing proud moments online. None of that was wrong at the time. The threat model has changed, and the practice needs to change with it.

Sources and Further Reading

• The Guardian reporting on UK schools removing student photos due to AI blackmail threat: https://www.theguardian.com/technology/2026/may/08/uk-schools-remove-pupils-photos-online-ai-blackmail-threat-grows

• UK government announcement on banning AI tools designed to generate CSAM: https://www.gov.uk/government/news/britains-leading-the-way-protecting-children-from-online-predators

• FBI IC3 PSA on sextortion complaints and financial losses in 2021: https://www.ic3.gov/PSA/2021/PSA210902

• FBI IC3 PSA warning on attackers using social media photos to extort minors in 2023: https://www.ic3.gov/PSA/2023/psa230605

• The Guardian report on a 15-year-old receiving AI-generated fake nude images and Childline sextortion cases: https://www.theguardian.com/uk-news/article/2024/aug/21/amid-rise-in-financial-sextortion-childline-is-helping-teenagers-fight-back

• The Guardian report on AI-generated CSAM reports doubling at the IWF year over year: https://www.theguardian.com/technology/2025/nov/12/tech-companies-child-safety-agencies-test-ai-tools-abuse-images-ability

• The Register investigation into exposed GenNomis AWS S3 bucket containing 93,485 AI-generated images: https://www.theregister.com/2025/04/01/nudify_website_open_database/

• US Department of Education FERPA guidance on when a student photo is an education record: https://studentprivacy.ed.gov/faq/when-photo-or-video-student-education-record-under-ferpa

• UK government Crime and Policing Bill amendment requiring 48-hour takedown of intimate images: https://www.gov.uk/government/news/tech-firms-will-have-to-take-down-abusive-images-within-48-hours-under-new-law-to-protect-women-and-girls

• Malwarebytes guidance on sharenting and limiting children’s digital footprints: https://www.malwarebytes.com/blog/inside-malwarebytes/2025/11/sharenting-are-you-leaving-your-kids-digital-footprints-for-scammers-to-find