Bleeping Computer, a computer help site, has claimed that data of around 5,00,000 Zoom users are on sale on the dark web at prices even lower than Re 1. The report claims that the list of the sale was figured out by a cybersecurity intelligence firm Cyble around April 1.
It is when the intelligence firm purchased around 5,30,000 accounts at a price of just $0.0020 per account which roughly translates to 15 paisa for each account. This was attempted to raise awareness around the security breach of the user data.'
It means that these accounts were hacked and the leaked data was further used to access other accounts. The accounts that are successfully logged into are then compiled and sold to other buyers.
Security researchers and users have also pointed out ways in which these apps may have violated privacy.
Most of the Zoom users' data targeted belong to banks and educational organisations where 290 accounts were connected to famous institutes like the University of Vermont, Dartmouth, Lafayette, University of Florida, University of Colorado. While some of the leaked accounts were connected to companies such as Citibank and Chase.
In response to this report, Zoom said the company has already asked intelligence firms to detect password dumps listed by hackers. This will help them reset the passwords of users impacted by the hack.
"We have already hired multiple intelligence firms to find these password dumps and the tools used to create them, as well as a firm that has shut down thousands of websites attempting to trick users into downloading malware or giving up their credentials. We continue to investigate, are locking accounts we have found to be compromised, asking users to change their passwords to something more secure, and are looking at implementing additional technology solutions to bolster our efforts," the company stated.
Meanwhile, according to a Reuters report published in Live Mint - Standard Chartered Plc has warned employees against using the Zoom Video communications during the lockdown citing security reasons.
Chief Executive Officer Bill Winters send the message across employees asking them to stop using Alphabet Inc's Google Hangouts platform for virtual gatherings.