Reading:
Hundreds of thousands of Zoom passwords for sale on the dark web
Share:
cyberattack compensation

Data Leak Lawyers - Begin Your Data Breach Claim Today!

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Hundreds of thousands of Zoom passwords for sale on the dark web

It’s understood that there may be as many as 500,000 Zoom passwords up for sale on the dark web for less than a penny each as the video conferencing app’s popularity has skyrocketed during the Coronavirus pandemic.

Security experts believe that the hacked accounts have been comprised due to credential stuffing and from other hacked websites where credentials are re-used. Either way, as the popularity of the app has grown significantly as much of the world remains in lockdown, people need to be careful.

The last thing anyone needs in this already troubling time is hackers and scammers taking advantage of people’s vulnerabilities.

The dangers of compromised Zoom passwords

With so many compromised Zoom passwords, and a huge increase in the use of the app as a result of the COVID-19 lockdown, the dangers are real.

Hackers and criminals could hack into accounts to contact people. They could break into a conference and bombard victims with spam or links to potentially harmful websites. If people are not careful, they could engage with users and record conferences.

As such, the dangers are clear, and it looks like there are some hackers and fraudsters out there that are prepared to exploit people at this already vulnerability time. Companies using the platform for corporate matters must also understand that the dangers for their remote working employees are very real too.

How has the information been compromised?

It’s understood that the compromised Zoom passwords have not stemmed from a direct hack on the company as such. It appears that it could be a combination of credential stuffing and using compromised accounts where people have re-used the same credentials.

People should not underestimate what hackers and criminals can do. They can use software to try and guess passwords for accounts using combinations of standard ones people use, such as “password” or “password123”. Unbelievably, some people still use such passwords!

If credentials have been compromised in hacks from years ago and people are still not changing their passwords and still using the same credentials for multiple accounts, it’s open season for fraudsters. Criminals can sit on stolen credentials for years if needs be and wait for the opportunity to exploit them, as we’re perhaps seeing now.

How to protect yourself

As an established, leading data breach compensation law firm, we’re often in the media talking about cybersecurity issues. This includes advice to people about how they should protect themselves and make sure that they can stay safe online in an increasingly digitised world.

At the very least, people should not just assume that their Zoom passwords are safe. Given the wealth of users’ information that’s up for sale on the dark web, everyone would do well to change their credentials immediately. And, although you should never re-use the same login credentials, if you have, you need to consider those as just as at risk.

Three simple ways that everyone can keep safe can include:

  1. Use of strong, unique passwords for accounts. Never re-use credentials;
  2. Make use of an account’s additional security layers that companies offer, such as two-factor authentication and notifications for login events;
  3. Be careful about what you share online. It can be tempting to post your answers to another Facebook questionnaire about your first holiday destinations and first loves but, in reality, scammers can use this data against you. Many people’s memorable information they use for security is this kind of data, and some use such information for their passwords.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy
SRA
Contact
www.dataleaklawyers.co.uk is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon