Zoom, the world leader in modern teleconferencing communications, has recently suffered criticism as they face a number of security breaches.
The application, which has continued to gain popularity amid the raging COVID-19 pandemic, has come in handy at a time when millions of organizations have asked their employees to work from home. Unfortunately, reports of unauthorized access to user information and its availability on the dark web has surfaced.
352 Compromised Accounts and Lots of Potential Damage
It has been reported that about 352 Zoom user accounts have been compromised by cybercriminals. The accounts have become victim to a data breach that has led to the sharing of personal user info over the dark web. Among the pieces of information that have been jeopardized include password data, personal user identifiable information and other forms of sensitive user information.
A statement from a security research lead at Mashable, intimated the nature of the security breach and its expected negative impact on Zoom and its users. According to Dov Lerner, the security researcher attached to the digital media company, it is likely that the compromised user accounts will suffer troll attacks as far as their hosted meetings are concerned.
The likelihood of cybercriminals to use the accounts to troll their owners is real, including the fact that the accounts’ contacts will suffer the same fate when the account owners will initiate teleconferencing calls.
Even scarier, the cybersecurity believes that the stolen zoom credentials will go a long way in enabling cybercriminals to effectively eavesdrop on corporate and personal interactions associated with the compromised accounts.
In addition, identity theft may also crop up as a result of the myriad of options that have been disposed to malicious actors that may access the account credentials via the dark web.
VIPs Among the Affected
It is reported that the stolen user accounts have been categorized in terms of importance – with a filtering process that has led to the separation of premium users who’ve paid for costly service plans.
Importantly, it is noteworthy to acknowledge that the nature of compromised user profiles present a new challenge. This reality comes in the wake of knowledge about the fact that while most of the accounts are personal, a host of the breached accounts belong to private sector organizations and educational establishments including a host of major U.S. healthcare institutions.
Further Security Concerns
Security pundits have noted the privacy concerns and security shortfalls that have befallen the Zoom application even as organizations and countries enforce social distancing guidelines.
Among the latest security concerns include the fact that the application may be used by bosses to spy on their employees at home. Additionally, allegations of Zoom sharing user info with Facebook and LinkedIn applications have surfaced.
Indeed, the last few weeks have been tumultuous for Zoom, with public and private institutions questioning the company about the privacy issue. In response, Zoom CEO Eric Yuan apologized to users about the security problems that have been raised so far. According to his statement, the firm looks to fixing the security bugs in the upcoming weeks to protect users.
While this statement serves to reassure the affected Zoom users, the organization must figure out just how 352 accounts became exposed on the dark web.
You can join the discussion on Dread and Tape forum