Change Your Zoom Password NOW

Many of the more than 500,000 Zoom accounts that were for sale on the dark web belonged to university accounts.

Change Your Zoom Password NOW

Hackers used password-email combinations obtained through previous hacks and tried their luck on people’s Zoom accounts, meaning people who re-use previously-hacked passwords would be vulnerable.

If you use your go-to password for Zoom, consider changing it, according to a new report about cybersecurity researchers finding credentials for more than 500,000 Zoom accounts on the dark web.

Business Insider reports cybersecurity firm Cyble discovered the accounts, many of which were being sold for less than one cent per account. Others were being given away in bulk on hacker forums to be used for “Zoombombing” that allows bad actors to hijack Zoom meetings.

Cyble purchased about 530,000 accounts for $0.0020 each. The information purchased included email addresses, personal meeting URLs, and the six-digit pin number meeting hosts use to set up the call.

Many of the accounts for sale belonged to enterprise customers like Chase and Citibank, while others were for university accounts.

Zoom has been plagued with security and privacy issues for the last few weeks, but Zoom might be off the hook for this one, Business Insider notes.

“This doesn’t mean Zoom got hacked. Although the videocall service has been beset with privacy issues since the onset of the coronavirus drove millions more people to its service, the accounts for sale on the dark web were obtained using “credential stuffing” attacks. This means hackers used password-email combinations obtained through previous hacks and tried their luck on people’s Zoom accounts, meaning people who re-use previously-hacked passwords would be vulnerable.

“Effective ways to negate credential stuffing include using unique passwords for every site you visit online, and checking whether your email address has been leaked in previous data breaches using Have I Been Pwned.”

It’s generally a good practice to change your passwords periodically anyway, but it’s an even better practice to use different passwords for different platforms and programs. If your Zoom password is the same as any others, change it. While you’re at it, change your other passwords as well.

Zachary Comeau is the web editor for CS sister publication My Tech Decisions. This article originally ran in that publication. 

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!


2 responses to “Change Your Zoom Password NOW”

  1. Debbie Pope says:

    Good morning,

    I currently receive your magazine, however I do not get any email notifications like colleagues do. This morning one of my colleagues sent me an email link to Campus Safety regarding compromised zoom issues. I have checked my “junk” email inbox and don’t see any emails there from Campus Safety Magazine.

    How can I receive email notifications of new or important stuff that is happening.

    Is there a way for you to check and see if I am on a mailing list?

    Thanks so much.

    • Amy Rock says:

      Hi, Debbie! It looks like you were moved to our “master suppressed” list, which automatically happens when someone hasn’t engaged with our emails for a certain period of time. We have removed you from that list, so you should start getting newsletters soon! We have one scheduled to go out tomorrow morning. Glad to have you back 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Online Summit On-Demand Campus Safety HQ