Lobbybombing bug for school users.
So, I have a multiuser tenant which runs a secondary school, what we have witnessed is students abusing the lobby notification feature using the anonymous access via the meeting url.
So, a legitimate student joins the class video call.
They get the meeting join URL from the ellipsis menu\meeting info.
They paste that into an incognito browser window and join via the anonymous feature whereby they are asked to enter a name.
They either enter the name of another student in the meeting to fool the teacher in to thinking they are legitimate or type anything and constantly request to join.
The issue is compounded by virtue of several students taking part in this venture resulting in a constant flurry of notification sounds of people waiting in the lobby.
I must stress at this point the users are locked down very tight as per documentation.
I've also checked the logs for said users and the IP reported belongs to Microsoft so there is no way for me to correlate an IP to the learners who have logged in to teams :(