Zoom-Another day, another gap in the Zoom for meetings and video calls app, this time thousands of meeting records and calls made by users were exposed
and stored in the cloud
This is because Zoom uses the name of the registry files.
Zoom names the meeting log files in a predictable manner
Many of them are stored on an unprotected Amazon cloud
that can be accessed via search engines.
According to The Washington Post, Zoom
a search engine accessed 15,000 records of Zoom meetings and calls,
and thousands of them were downloaded
and re-published on popular video services like YouTube and Vimeo.
By looking at these accessible clips, they included a wide range of uses for zoom, including those related to health and treatment.
Some are business and company meetings,
others are student lessons and others.
The company was informed
by the newspaper of this strange defect
There is no information yet on
Zoom provides the feature of recording and storing calls both on the host and the cloud. The company submitted a diplomatic statement saying it
It provides transparency to all participants,
and choose where the recording will be stored later.
With the increased reliance on Zoom service recently for communication and work remotely, it has 200 million active users daily,
compared to 10 million users only three months ago.
This growth in use has increased security concerns,
and indeed many vulnerabilities
and problems that have been solved
Such as leaking user data with Facebook or the ability to know the email addresses of the attendees.
- for the next three months
- to stopping the development of any new application features and focusing only on security,
Trying to improve her reputation,
Zoom found leaking personal user data
Zoom’s sky-rocketing popularity seems to be a mixed blessing for the company, as yet another privacy issue crept up this week,
involving leakage of personal information of thousands of users by exposing their email address and photo to strangers on the platform
and potentially enabling the latter to initiate unwanted video calls.
The problem this time isn’t confined
to Zoom’s recently fixed iOS app,
but as Vice notes,
it is related to how the platform’s
While users who’ve signed up with the same company email domain are grouped together to make searches
and calls easier with colleagues,
some people who used their private email to join Zoom have had thousands of strangers added to their contacts list,
all of whom Zoom perceives are working under the same organization as they have the same domain name.
With so much added attention and use,
it was not surprising when reports emerged
that the app was leaking personal data
and had a flaw that could allow attackers to retrieve users’ Windows credentials.
Such problems are common when any software gains widespread use,
particularly when the program is used in ways
that the designers did not foresee.
“Our platform was built primarily for enterprise customers,
” explained Zoom CEO Eric S. Yuan in a blog post on Wednesday.
“We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying,
and socializing from home. We now have a much broader set of users who are utilizing our product in a myriad of unexpected ways,
presenting us with challenges we did not anticipate when the platform was conceived.”