Zoom's security incidents have taken a lot of ink and, after the discovery of more than 500 thousand accounts sold in hacker forums on the Dark Web, another platform vulnerability has emerged. The security breach in question allowed any malicious hacker to access the virtual meetings recorded through Zoom and stored in the Cloud even if they had been deleted by the user.
According to Phil Guimond, information security architect at CBS Interactive, the security breach made it possible to search for a particular company or organization in Zoom's video archive via sharing links. The content found could be easily viewed and even transferred, for example, to a computer.
The discovery was made when the specialist was analyzing the platform's security level using a tool he developed. CNET, one of the members of the CBS Interactive network, Phil Guimond indicated that Zoom did not consider any security aspect when developing the platform. The expert also stressed that Zoom probably has the largest number of vulnerabilities found in services of this kind.
Zoom became aware of the security breach and put in place some security measures, such as the protection of share links through captcha codes. However, changes to the privacy of stored videos did not arrive until three days later. On its website the company indicates that it has introduced, for example, a complex password system to prevent future incidents.
Zoom has been reinforcing security and making an effort to communicate this idea to those who use the platform. However, it should be remembered that several organizations and companies have already demonstrated their use, including the state of New York and even Google.