Zoom, which speaker of the house Nancy Pelosi mistakenly called a ‘Chinese Company’ earlier this week, is in troubled waters. More and more governments are urging their workforce not to use it as fears over security hacks are mounting. According to a 13 April BleepingComputer report, some 500,000 user profiles were already being sold on the Darknet (the illegal side of the internet).
Within darknet and hacking forums, perpetrators are pawning off 500,000 user accounts from the popular internet video conferencing site.
“These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches,” the report said of Zoom users’ information.
“The successful logins are then compiled into lists that are sold to other hackers.”
The video conferencing app has grown tremendously during soaring demand as more and more employees resorted to telework. However, as chief executive Eric Yuan already admitted, in the rush to meet demand during the coronavirus lockdown some best practices were not implemented and some meeting data may have been routed through China.
Mr Yuan said this issue had since been corrected. Now, the company has said it will allow its paying subscribers to directly choose which data centre regions are happy for their meeting data to transit through.