Zoom Data Breach

 

Your Credentials Are Being Sold Right Now on Dark Web For Less Than a Cent

Zoom was recently hacked and the half-million credentials that have been stolen are now sold online for $0.002. In this article, we will take a look at how the data breach happened and how you can see if your email address has been compromised (and what to do about it), too. Let's dive in.

Zoom is a useful platform that offers online chat and video conferencing services to all of its users. It does this through a cloud-based, peer-to-peer platform, and this technology is usually applied to distance learning, teleconferencing, telecommuting, and social relations. Zoom can be used to hold video conferences of about 100 participants, and each video has a 40-minute time limit. Anyone who plans to hold longer meetings would have to pay a subscription fee ranging from $15 – $20. Business owners who are interested in making use of this app for more extensive services can get access to them (such as Zoom Rooms) for about $50 – $100 per month.

Regardless of Zoom's usefulness, a few days ago, the company was hit with a big problem. There has been a data breach that allowed scammers to access the back end of the platform. As a result, over 530,000 Zoom users had their credentials stolen, while online trolls have been "zoombombing" calls. They started to disturb teleconferences with pornographic and racist content, which has made it difficult for schools, organizations, and other companies to hold online classes, work conferences, and training sessions. Consequently, the platform has been banned by several institutions that were seeking to protect their staff or students.

Watch the video below to see a report on the 'zoombombing' activities:

 

 

There's also the issue of the stolen credentials. All the vital information that was registered on the platform being sold now at a low price online. The data gotten from these breaches are usually used to access a variety of other services. They could be very costly for the user, especially if their personal info got into the wrong hands. The types of credentials sold varied from one user to another.

 

Zoom Data Breach: How It Started

It all started when a cybersecurity firm noticed that a large number of Zoom accounts were being offered for sale on an online hacker forum. Surprisingly, all 530,000 were being sold for about $0.002 each while some were even given out freely. The credentials which were for sale included meeting URLs, passwords, and email addresses. Some hotkeys made it easier to enter into online meetings and carry out the infamous "zoombombing." Cybele discovered the online hacker forum, and an initial report was made on Bleepingcomputer.

A majority of the accounts affected were for regular users. However, the big-name brands were also not left out of this massive data breach. Some of the details belonged to reputable clients such as Chase and CityBank. As an extra for verification, these details were cross-referenced and found to be valid or belong to real people.

The credential was said to have been obtained through the use of a hacker tactic known as "credential stuffing." This means they were gotten by using users' details from other platforms. This is why cybersecurity agencies have warned users against the use of similar credentials to access different social media accounts. If your details were compromised on one platform and you make use of the same information on another platform, you'll suffer the same results there too.

 

Many Companies Have Been Ditching Zoom

Zoom has become an essential service for many people worldwide who are still trying to keep up interactions despite the compulsory coronavirus isolation. However, this has led to a proliferation of hacker activities, and they are breaking into multiple accounts. This has affected a lot of meetings and online conferences.

Many companies have been ditching the Zoom use in the last few days for obvious security reasons. Notable names that have stopped the use of the app include NASA, SpaceX, Tesla, Google, the US Senate, New York City Schools, and German Federal Foreign Office. Zoom has responded by sending out an update that promises to tighten up security for its users, but it's yet to be trusted. The update makes it easier to access privacy security tools. In the app, there will be a dedicated security icon at the bottom of the screen, which users can use to access the app's security features.

zoom data breach

 

Also, the zoom team has removed meeting IDs from the title bar. This is another security measure to help improve privacy. According to the company, this was a way to prevent hackers from viewing acting meeting IDs when screenshots are taken. This would make it easier to gain access to any such meetings.

How to change a zoom user password and unlocking a Zoom user account?

As a part of improving your security as a Zoom user, people are advised to change their passwords. How do you go about this? An account owner or admin can easily change the password of an account member by utilizing User Management.

Whenever a user inputs the wrong password many times during the login process, the account could get locked. However, it's possible to unlock it via the Zoom Web Portal. 

 

How to Change a Zoom User's Password

 

  • Navigate to the Zoom Web portal
  • Go to User Management and then click on Users.
  • Identify the email address of the user that you want to change and select it. 
  • Click on the Edit tab, which can be found next to the Sign-in password. 
  • Input the new password twice.
  • Select save changes, and after this, you'll receive a notification that changing a password will sign you out of other devices. 

 

How to Unlock a Locked Zoom Account

 

  • Navigate to the Zoom Web portal.
  • Go to User Management and then click on users.
  • Identify the email address of the user that you want to change and select it. 
  • Click on Unlock next to the email address that you want to open. 
  • After this, you've unlocked the account and can now change the password or even reset it. 

 

How to Protect Your Zoom Account From a Data Breach?

 

  1. Check your other accounts to identify which of them has recently suffered a similar data breach. 
  2. Check your Zoom settings to make sure that you are not logged in on other devices. 
  3. Change your password.
  4. Protect your credentials and avoid clicking on any suspicious links.
  5. Do not give out your personal details to strangers. Some hackers can guess your password from personal information.

 

How To See If Your Email Address Is Compromised

To see if your email address has been hacked (or, in other words, if it "was pawn'd"), visit this website and input the address there. You could follow the steps suggested on the page if bad things happened.

 

Suspicious Activity: How To Report a Scammer

Let your family and friends know about this article by sharing it on social media using the buttons provided. You can also officially report the scammers to the Federal Trade Commission using the link below:

Report To The FTC Here

 

How To Prevent Identity Theft and More

If you want to be the first to find out the most notorious scams every week, feel free to subscribe to the Scam Detector newsletter here. You'll receive periodic emails – we promise not to spam. Meanwhile, educate yourself with some other fraud-related articles right under this paragraph, so that you can protect yourself in many other aspects and niches. Last but not least, use the Comments section below to expose other scammers.

Here are some must-reads for the end:

Credit Card Fraud

How to Prevent Identity Theft

Unacademy Data Breach

GoDaddy Data Breach


identity theft protection

RECOMMENDED VIDEOS

One of the Most Inspirational Videos You'll Ever See  
   
TikTok Scams  
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Find Scams