Thousands of private zoom recordings are exposed on the open web.
Zoom is one of the most popular free software applications used worldwide for telecommuting, distance education and social relations.
As the whole world is under lockdown due to novel coronavirus, it has urged remote workers to hop on online platforms for conducting remote meetings, taking online classes and keeping in touch with their families.
The videos can be viewed and downloaded through a “simple online search” as they are posted on Amazon Web Services (AWS) buckets without passwords and because the recordings are apparently named in “an identical way.”
Each such name contained 15,000 separate recordings out of which some of them contained highly sensitive information.
The video recordings that were visible included personal therapy sessions, company business meetings involving private financial records and even a beauty therapist demonstrating to pupils how to giveB razilian wax.
“Amazon buckets are locked down by default but many users make the storage space publicly accessible either inadvertently or to share files with other people,” reads Washington Post’s article.
“Zoom meetings are only recorded at the host’s choice either locally on the host’s machine or in the Zoom cloud,” it said.
“Should hosts later choose to upload their meeting recordings anywhere else, we urge them to use extreme caution and be transparent with meeting participants, giving careful consideration to whether the meeting contains sensitive information and to participants reasonable expectations,” the company said in a statement to The Washington Post.
Zoom has recently undergone issues such as ‘Zoombombing’ where it had patches for three new zero-day bugs.
All engineers sources will see a ‘feature freeze’ to focus on trust, safety and privacy issues.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.Y
You may be interested in reading: ASP.NET Hit by Ransomware