Zoom sued for fraud over privacy, security flaws

Zoom Video Communications was accused by a shareholder of hiding flaws in its video-conferencing app, part of a growing backlash against security loopholes that were laid bare after an explosion in worldwide usage.

In a complaint filed Tuesday in San Francisco federal court, the company and its top officers were accused of concealing the truth about shortcomings in the app’s software encryption, including its alleged vulnerability to hackers, as well as the unauthorized disclosure of personal information to third parties including Facebook Inc.

Investor Michael Drieu, who filed the suit as a class action, claims a series of public revelations about the app’s deficiencies starting last year have dented Zoom’s stock price - though the shares are still up 67% this year as investors bet that the teleconferencing company would be one of the rare winners from the coronavirus pandemic.

From Elon Musk’s SpaceX and Tesla to New York City’s Department of Education, agencies around the world have begun to ban usage of an app that’s risen during the coronavirus lockdown as a home for everything from virtual cocktail hours to cabinet meetings and classroom learning. On Tuesday, Taiwan barred all official use of Zoom, becoming one of the first governments to do so.

Zoom Chief Executive Officer Eric Yuan has apologised for the lapses, acknowledging in a blog post last week the company had fallen short of expectations over privacy and security. Cybersecurity researchers warn that hackers can exploit vulnerabilities in the software to eavesdrop on meetings or commandeer machines to access secure files.

Zoombombing 

Weak encryption technology has given rise to the phenomenon of “Zoombombing”, where uninvited trolls gain access to a video conference to harass the other participants. Recordings of meetings have also shown up on public internet servers.

The company also routed data through servers in China and used developers there, Citizen Lab said in a report last week. Any official data routed through China poses a major risk for Taiwan, a self-ruled island that Beijing claims as part of its territory. Taiwan’s government rejects China’s assertion, viewing the island as a sovereign nation.

“The rapid uptake of teleconference platforms such as Zoom, without proper vetting, potentially puts trade secrets, state secrets, and human rights defenders at risk,” researchers at the University of Toronto’s Citizen Lab wrote.

The company said it had mistakenly sent traffic through Chinese data centers as it was dealing with a “massive increase” in demand. It said it has stopped using that capacity as backup for non-Chinese clients.

Zoom is working on adding end-to-end encryption but that’s still months away, Yuan has said. Many of the problems stem from the fact that the app was geared toward enterprise clients with their own IT security teams, instead of the broad consumer app it’s become. The number of daily meeting participants across Zoom’s paid and free services has gone from around 10 million at the end of last year to 200 million now, the company said. Most of those people are using its free service.

ZAR/USD
17.42
(+0.37)
ZAR/GBP
22.67
(+0.72)
ZAR/EUR
20.50
(+0.17)
ZAR/AUD
12.42
(+0.66)
ZAR/JPY
0.16
(+0.86)
Gold
1923.97
(+0.94)
Silver
25.09
(+1.03)
Platinum
923.00
(+0.27)
Brent Crude
44.46
(-1.09)
Palladium
2117.50
(+1.24)
All Share
57339.50
(+0.30)
Top 40
53000.88
(+0.32)
Financial 15
10190.96
(-0.24)
Industrial 25
76334.30
(+1.07)
Resource 10
58393.09
(-0.49)
All JSE data delayed by at least 15 minutes morningstar logo
Company Snapshot
Voting Booth
Do you think it was a good idea for the government to approach the IMF for a $4.3 billion loan to fight Covid-19?
Please select an option Oops! Something went wrong, please try again later.
Results
Yes. We need the money.
11% - 967 votes
It depends on how the funds are used.
74% - 6436 votes
No. We should have gotten the loan elsewhere.
15% - 1329 votes
Vote