Zoom has been caught in the crossfire of issues surrounding the security of its user’s data. It will now allow paid users to opt-out of unwanted servers.
Zoom has had a sweet and bitter victory over the course of the Coronavirus pandemic. On one hand, the company is seeing a historical rise in its number of users. This proved to be the driver that increased the value of the company during the early time of the pandemic.
On the other hand, the company is also trying to do damage control over their lack of preparation for the increase in user number. Their system is vulnerable, to say the least. The lack of end-to-end encryption has allowed hackers to infiltrate their user database.
Due to these threats from hackers, the value of the company has been brought back down to earth.
Other than the main concern on hackers, another issue that the company had to deal with was the routing of the video conferences to servers in China. This happens in spite of the fact that all the users from the video call are based elsewhere.
— Zoom (@zoom_us) April 15, 2020
Option out for paid users only
In an April 13 post of Zoom in their own blog, the account mentioned that paid users might choose which servers they want to rout their call through starting on April 18, 2020.
It didn’t specifically mention any country. What is basically implies is that paid users may now feel more secure as they are given the control of the video call routing.
As for free Zoom users, the blog adds that their information is safe. No access to the database is given to countries where the calls are routed too.
According to Zoom, the database is always geofenced. On April 3, the company has removed all its HTTPS tunneling servers in China. They added that this was to prevent any inadvertent connection through China.
Zoom user data for sale for less than a penny
According to a report by a third-party cyber risk intelligence platform, Zoom has had its database hacked by ill-intended people.
It reported that almost 500,000 user data had been posted for sale on the dark web. To add insult to injury, the data sets were sold for less than a penny, as confirmed by the security platform.
The company also counter-checked the data and tried to buy these data sets to contact the users of the accounts. In their investigation, they were able to successfully contact the actual users of the account. After notifying that their accounts have been compromised, the users were told to change their passwords across all of their online accounts.
Should they not do so, they run the risk of having all of their personal information compromised as well.
Image courtesy of Unsplash/ Allie Smith