News Hub

Zoom halts development to plug security holes

Written by Thu 2 Apr 2020

Video conferencing firm admits it has ‘fallen short’ of security expectations and is working to improve the platform

Zoom has apologised to users over security and privacy issues which have plagued the platform, pledging to make changes in the coming weeks.

The video calling platform said its usage has “ballooned” since the start of the coronavirus pandemic as millions of people were forced to work and study from home.

Founder and chief executive Eric Yuan has admitted the platform struggled to deal with the demand and as a result of the increased attention, a range of flaws within the service have been highlighted.

He confirmed that for the next 90 days, all new feature development was being frozen to instead focus engineering resources on security issues.

“To put this growth in context, as of the end of December last year, the maximum number of daily meeting participants, both free and paid, conducted on Zoom was approximately 10 million. In March this year, we reached more than 200 million daily meeting participants, both free and paid,” Mr Yuan said in a blog post.

He said supporting the arrival of so many new users had been a “tremendous undertaking” but recognised the platform had “fallen short” of privacy and security expectations.

The Zoom founder added that he “deeply sorry” and confirmed the company would also conduct a security review with third-party experts and publish a transparency report.

Zoom’s rise in popularity has seen Prime Minister Boris Johnson use the service to chair a virtual Cabinet meeting, while millions of others have begun using the service for work and study as well as to stay in touch with friendship groups.

But concerns have been raised about security and privacy on the platform, including “Zoombombing”, where strangers enter a meeting and harass those taking part or display explicit material.

These incidents exploited a Zoom feature which leaves meetings open to anyone unless locked by the host and forced the company to publish online guidance on how to protect calls.

Cyber security experts have also raised concerns about Zoom’s practices in the past, such as previous flaws and now altered features, including one tool which raised privacy concerns because it allowed meeting hosts to check if other attendees clicked onto another window on their screen during the call.

Another previous issue with the platform saw hackers able to hijack a user’s webcam.

The company has also apologised for misleading users by incorrectly suggesting Zoom video meetings used end-to-end encryption, which it had previously stated on its website.

“Transparency has always been a core part of our culture,” Mr Yuan said.

“I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform.”

Written by Thu 2 Apr 2020


Coronavirus privacy zoom
Send us a correction Send us a news tip