Over 500,000 Zoom Accounts Hacked
Recently, we reported on Zoom’s efforts to check and improve their privacy and security settings during the COVID-19 pandemic. Zoom asked users to do the same.
Zoom, a video conferencing service whose use has surged as a result of COVID-19 remote work, lets us see work colleagues, clients, teachers, and fellow students in real time on our device screens.
Many new accounts on Zoom have been secured with old, re-used passwords. Now, reports indicate that over 500,000 Zoom accounts are being sold or given away on hacker forums.
Why This Matters
- The reality is that emerging tech goes hand in hand with emerging risk.
- This scenario involves the plight of password re-users.
- Change your Zoom password now if used elsewhere.
Description
Now, over 500,000 Zoom login passwords are being sold on the dark web and hacker forums after credential stuffing attacks on Zoom.
Threat actors attempt to log in to Zoom using old account passwords leaked in prior data breaches. If successful, the login passwords are compiled in a list and sold to hackers to use in Zoombombing or other activities. Since their value on hacker forums is low, they are often given away.
Reports indicate that accounts for major banks and educational institutions were included. This report illustrates that the high-risk practice of re-using passwords runs the gamut from our home offices to corporate America.
Of course, some risk is borne by the product or service developer. However, users must take control of their privacy and security settings, including login credentials.
Takeaways
Users must implement privacy and security measures now:
- Change the Zoom password if used elsewhere!
- Zoom Password: If you set up your Zoom account using your old passwords, you can reset your password.
- Use unique, strong passwords for each service and device.
- If you cannot remember your passwords, try an app (e.g., LastPass, 1Password, DashLane) for password management.
- Zoom Meetings: Create a password for each Zoom meeting – do not re-use passwords for any of your products and services.
- Waiting Room: Create a waiting room for all participants who join the meeting – then lock the meeting down once it begins.
- Social Media: The Zoom meeting link should not be shared on social media.
Sources:
Forbes: https://www.forbes.com/sites/leemathews/2020/04/13/500000-hacked-zoom-accounts-given-away-for-free-on-the-dark-web/#5752c6af58c5
Cyber Insurance Solutions
Cyber insurance is your go-to option when you are looking to transfer some of this risk that cannot be fully mitigated:
- Social engineering coverage, including employee education and risk mitigation services
- Ransomware or cyber extortion coverage, including ransom payments and/or data recovery
- Data breach coverage, including direct first-party losses and third-party liability and damages
- Business interruption coverage, including loss of profits and extra expenses incurred during a shutdown of your computer network.
- Employee training and educational tools to help prevent attacks and protect your network / data