Zoom Faces Data Breach Issues

By: Joshua B. Swigart

Zoom, the leader in online videoconferencing, is facing a backlash for its many security and data breaches. When the COVID-19 pandemic forced most companies and its employees to work remotely, businesses turned to Zoom for virtual meetings and conferencing. The platform has both paid and free options, and allows for up to 100 people to attend a meeting for free.

In April of this year, Zoom had a total of 300 million daily meeting participants – a staggering number compared to its 10 million users in December 2019. However, with Zoom’s popularity has come an increase in data security breaches.

In April, more than 500,000 Zoom accounts were stolen and offered up for sale (some for less than 1-cent) on hacker forums on the dark web. The information for sale included usernames and passwords, email address, host key, and personal meeting URL. This information gives hackers the ability to access the account,  the contacts that attended the meeting and the documents shown on the videoconference. These accounts belong not only to individuals, but also universities and banks such as Citibank and Chase Bank.

Because Zoom is easy to use and free, the company is also facing security threats that enable people that are not invited participants to “bomb” or drop into meetings. These hackers are able to do so by using automated login attempts and credentials from past data breaches. Once they are in the meeting, they have access to information and the other individuals.

Additionally, Trend Micro researchers discovered two instances of hacker-created corrupted Zoom installers. One of the installers opens a backdoor on a computer and the other one spies on the computer owner with screenshots, keystrokes and the webcam. Users are unaware these are hacking attempts because it looks like they are installing legitimate Zoom software. Zoom also faces criticism of their privacy policies and how the company was using personal data.

If you are a Zoom user and feel you’ve been the victim of a data or security breach, contact Swigart Law Group for a free consultation.

Swigart Law Group helps people who have been injured by banks, employers, drug and medical companies, or large corporations, and creates a meaningful and profound impact on the lives of people in the community. Our attorneys are experienced in the areas of consumer protection, privacy and data breaches. Unlike large law corporations, we hand-pick every case we take and we give each of our clients undivided personal attention.