MIAMI (CBSMiami) — With so many people and students staying home and working remotely because of the coronavirus pandemic, usage of the video conference app Zoom, is spiking. However, the increase in its popularity is leading to a wave of scrutiny over security and privacy concerns and then there is the issue of “Zoom-bombing.”
In the last week alone, issues with Zoom’s privacy protections have been flagged by users, security researchers and US authorities.
Zoom was hit with a class action lawsuit accusing the company of failing to properly safeguard user data.
The complaint alleges the company’s app shared user data with third parties including Facebook.
Zoom said in a statement that “it takes its users’ privacy, security, and trust extremely seriously,” adding, “”During the COVID-19 pandemic, we are working around-the-clock to ensure that hospitals, universities, schools, and other businesses across the world can stay connected and operational.”
The FBI has also issued a warning against “Zoom-bombing,” where hackers or trolls hijack a public video call. The agency cited examples of users entering meetings or virtual classrooms to shout profanities and share pornography.
That is exactly what happened on a video call Wednesday morning between a teacher at Coral Reef Senior High School in Miami-Dade County. During a zoom video call with her students, about a dozen people wearing masks joined the class and started blaring music, shouted profanities and showed pornographic images. The teacher immediately ended the call.
The FBI urged victims of “teleconference hijacking” to report any incidents to the agency.
Zoom founder and CEO Eric Yuan addressed some of those issues in a tweet on Friday, saying they stem from users not enabling some security features such as meeting passwords and additional privacy controls.
“We will enforce these settings in addition to training and blogs,” he said.
A Zoom spokesperson said the company was “deeply upset to hear about the incidents involving this type of attack.”
Users hosting large public meetings should review their settings to make sure only the hosts can share their screen, and activate additional privacy controls, the spokesperson added. “We also recently updated the default screen sharing settings for our education users so teachers by default are the only ones who can share content in class.”