1 Million Websites Hacked Through an Accessibility Tool: What You Need to Know
In a shocking twist that should shake every C-suite executive out of complacency, over 1 million websites were hacked via an accessibility overlay tool. Yes, you read that right. An accessibility tool — something that’s supposed to protect users — became a vulnerability large enough to topple digital empires.
As companies scramble to comply with the European Accessibility Act (EAA), many are being sold on the promise of quick fixes. Overlay tools sound convenient — plug them in and you’re magically accessible, right? Wrong.
The recent cyberattack proved otherwise. Hackers exploited the very tool that was marketed as a safeguard. And in doing so, they left an enormous footprint across Israel's digital infrastructure, bringing down entire sites and exposing private data.
This is not a one-off. It is a warning.
The EAA takes full effect on 28 June 2025, and the focus is on real, testable WCAG compliance. That means overlays — which are not compliant, not secure, and not endorsed by experts — are no longer viable options. In fact, they may actively increase your legal and reputational risk.
At Accessibility Audit, we do not use overlays. We begin with real-world testing by disabled users, create a legally compliant Accessibility Statement, and provide you with a clear roadmap toward full WCAG compliance.
If your site is using an overlay, or if you’re unsure how to meet your EAA obligations, now is the time to act. One simple conversation could prevent a costly mistake.
Book a free call. Let's make your website secure and accessible — the right way.