Zoom, the videoconferencing platform and software has exploded in popularity due to the COVID-19 outbreak and everybody being confined to their homes. Schools have become reliant upon it to help teach students from home, companies are using it for conferences and meetings, and even PhD lectures are being conducted on their app. With the surge of users and traffic on their app, the New York State Attorney General Letitia James wrote Zoom a letter asking if they had updated any security or privacy software or practices. On Monday, the office sent Zoom a letter asking what, if any, new security measures the company has put in place to handle increased traffic on its network and to detect hackers, according to The New York Times.
The New York Attorney General is “concerned that Zoom’s existing security practices might not be sufficient to adapt to the recent and sudden surge in both the volume and sensitivity of data being passed through its network,” according to the letter acquired by The New York Times. Sensor Tower, experts in the mobile app market, currently have Zoom’s iOS as the most popular free app and number one downloaded free app for iPhones in the US. As the popularity of Zoom has increased, the software has struggled to resolve a number of data privacy and security concerns. Their struggle to keep up with security concerns like the “Zoombombing” issues, has led to criticism from some user groups, privacy groups and children.
“Zoombombing” is when somebody exploits the Zoom screen-sharing feature to hijack meetings and interrupt however they see fit. There have been cases of Zoom meetings being hijacked and people posting anti-semitism, racism, pornography, and other horrible comments just for the sake of interrupting and messing with people’s video conferences.
Vice also just revealed Zoom is leaking personal information of thousands of users, including their email address and photo, and giving strangers the ability to attempt to start a video call with them through their app. Zoom has a feature in their “Company Directory” settings that categorizes and puts all users using the same domain when signing up in a group. This allows coworkers to find colleagues and peers more conveniently when signing up through your work email. The problem is a lot of Zoom users say they signed up with personal email addresses, and Zoom proceeded to pool them together with thousands of strangers as if they all worked for the same company, exposing their personal information to one another. Trolls and hackers have attempted to take advantage of this flaw and have been video calling random people in hopes they answer and allow them access to their screen.
Zoom’s security and privacy issues will continue to climb as their popularity continues to astronomically climb. NY Attorney General Letitia James is right to be concerned about their security measures and whether they are adequately prepared. With lots of schools and medical facilities becoming dependent on Zoom to function, it is imperative that Zoom places extreme security measures around that sensitive data collected. Unless you rely upon Zoom for work or for your childrens’ education, we recommend staying clear of Zoom until they address these compiling privacy issues.