Image by Pete Linforth from Pixabay
Following some very serious cybersecurity breaches that the teleconferencing application Zoom has been experiencing for the past couple of weeks, CEO Eric Yuan apologized to the public and all its users in a live YouTube stream on Wednesday, April 8. Yuan also shared the company's recent updates on their privacy features and swore that they would take these lapses very seriously.
Yuan went on for at least two hours, talking to viewers on YouTube, saying that "Clearly we have a lot of work to do to ensure the security of all these new consumer use cases, but what I can promise you is that we take these issues very, very seriously. We're looking into each and every one of them. If we find an issue, we'll acknowledge it and we'll fix it."
The live chat that took place echoed the same comments that previously Yuan did with CNN and The Wall Street Journal. As Zoom struggles to acclimate to its newfound consumer audience as a result of the global lockdown, they have now appointed a 90-day freeze on all planned features as they begin to roll out a handful of changes earlier this week to try and prevent "zoom bombing" and other kinds of harassment on the platform.
The CEO also addressed a Citizen Lab report that was published last week that showed a number of encryption keys that were being processed through China's server even when all the participants in the meeting were abroad. According to Yuan, the entire communication developed as a result of client applications that were trying to contact a timing server.
Still, even the slightest chance of such communication can eventually open doors for hostile actors which makes this whole situation a significant vulnerability for Zoom. Yuan also said that "this should never have happened and the issue was completely addressed last Friday."
This live apology from Eric Yuan followed a recent incident that involved 352 Zoom accounts being stolen and shared on the dark web. According to Tech Times, this was discovered by a cybersecurity firm, Sixgill where these accounts have been compromised and shared by a certain user on the dark web, and all of which include all personal information, data, and passwords.
Zoom will be bringing in help from Facebook's security chief Alex Stamos to collaborate in managing the company's new security and privacy challenges -- although Stamos will not be an employee or even an executive with Zoom.
Stamos said the following in a post with Medium: "In a time of global crisis, Zoom has become a critical link between co-workers, families, friends and, most importantly, between teachers and students, [That] has created privacy, trust and safety challenges that no company has ever faced."
Aside from all the security and privacy problems, Zoom has also been facing new levels of scrutiny from US lawmakers and regulators in the form of a letter to the Federal Trade Commission (FTC). These guidelines would also affect, not only Zoom, but other competitors like Google Hangouts, and Skype.