Zoom has had an unmatched rise in popularity ever since the global outbreak of Coronavirus forced people around the world to work from home. However, the platform was seemingly unprepared for this boost in userbase, because this sudden rise in popularity also disclosed various security concerns regarding the app.
Zoombombing was one of the most dangerous flaws found in the video conferencing app, which caused schools in the US to ban the app for its students. Zoom CEO soon apologised for the issue and promised to fix the app.
Besides these, Zoom was also found to be infected with some other vulnerabilities that was leaking data of its users.
Now, a report by Bleeping Computer claims that half a million Zoom accounts have been hacked and the data from these accounts have been sold on the dark web.
Reportedly, these accounts are being sold for less than a rupee each and in some cases, they are being given away for free. This was first found by cybersecurity intelligence firm Cyble around 1 April.
Per the report, Cybel had reached out to the sellers of these Zoom accounts and bought 530,000 Zoom credentials at $0.0020 (15 paisa approximately) per account. “These accounts are shared via text sharing sites where the threat actors are posting lists of email addresses and password combinations,” Bleeping Computer writes.
These Zoom account credentials reportedly included email address, meeting URLs, passwords, and HostKeys.
The cybersecurity firm also revealed that most of the hacked accounts belonged to well-known companies such as Chase, Citibank, educational institutions, and others. 290 of these belonged to universities and colleges.
Currently, Zoom has not responded to this report, however, if you have a Zoom account it would be wise to immediately change your password if you use the same for other accounts and websites as well. You can also visit Have I Been Pwned to see if your account has been compromised.