Is Your Zoom Meeting Safe?

2020-04-15 11:21:00

NOTICE: If you believe your Zoom account credentials have been hacked, contact the Arnold Law Firm at (916) 777-7777 as soon as possible.

hacker-video-chat-headsetNearly everyone has turned to Zoom to keep personal and professional interactions moving through COVID-19 shelter-in-place restrictions. Video conferencing services have allowed millions to hold meetings, connect with customers, and even meet up with friends for virtual happy hour.

Unfortunately, Zoom’s popularity explosion has also revealed serious security concerns, including consumer privacy rights violations that we addressed last week.

On March 30, 2020, the FBI issued a warning about teleconference hijacking in response to Zoom’s failure to maintain proper privacy and security measures for its users, stating that the video meeting app is prone to hacking.

There are new reports that hackers have sold thousands of Zoom user account credentials on dark web forums. On April 10, 2020, two cybersecurity companies reported multiple database exposures, one involving more than 2,300 accounts and another compromising 350 accounts.

Exposed information includes:

  • Names
  • Usernames
  • Email addresses
  • Passwords
  • Meeting IDs
  • Host keys
  • Corporate account credentials for banks, consultancy companies, educational facilities, software vendors, and healthcare providers

What is at Risk with a Zoom Account Security Breach?

A hacker who has Zoom account credentials can easily identify the person associated with the account using Google or LinkedIn. The attacker can then potentially impersonate the victim to:

  • Set up meetings with other contacts
  • Compromise business emails
  • Interact within the employer communication structure
  • Share files and credentials over Zoom chat
  • Request the movement of corporate funds
  • Eavesdrop on the exchange of intellectual property and confidential or financial information

Hackers may also use the information for prank activity, phishing attacks to entice employees to click on links, and exploit insecure remote work environments.

Researchers urge Zoom users to employ all available security options, including user passwords or PIN codes for all online meetings and avoiding sharing meeting IDs over public forums.

The Arnold Law Firm is currently investigating these Zoom cybersecurity incidents. If you believe your Zoom account credentials have been hacked, contact us at (916) 777-7777 as soon as possible to assess your situation and possible legal options.