Zoom has been sued by shareholders for allegedly hiding security holes

A shareholder of Zoom Video Communications has filed a lawsuit against the company for covering holes in its video conference application. Along with the actions of other organizations, this event shows an increasing outcry against the security holes the company is facing after explosive growth globally.

In a complaint filed with the San Francisco State Court on Tuesday, the company and its top executives were accused of hiding the truth about the deficiencies in the application’s software encryption layer, including including vulnerabilities that hackers can exploit, as well as the unauthorized disclosure of personal information to third parties such as Facebook.

Investor Michael Drieu, who filed the lawsuit, argued that it was Zoom’s discovery of these security flaws since the end of last year that curbed the rise in stock prices – even though Zoom stock had risen to 67 % this year when many investors thought that this remote conferencing application would be one of the rare winners of the corona virus pandemic.

Currently, from Tesla, SpaceX companies of billionaire Elon Musk, Google search firm to the Education Department of New York City and many agencies around the world have begun banning the use of Zoom. Most recently, Taiwan also banned officials from using the app.

In the face of security scandals, Zoom’s CEO Eric Yuan publicly apologized in a blog post and admitted that the company did not meet security and privacy expectations. Security researchers have warned that hackers could exploit vulnerabilities in this software to eavesdrop on meetings or hijack computers to access confidential information files.

In addition, Zoom’s weak security technology has caused the “Zoombombing” phenomenon where intruders can participate in a video conference and harass participants. In addition, clips of thousands of these meetings have recently been released on non-secure cloud platforms, making them easy to find and download.

In a Citizen Lab report, last week, Zoom also redirected some data through servers in China and used developers there for its applications. However, the company said sending bandwidth through data centers in China was only an unintentional mistake when the company had to cope with a spike in demand. Zoom says it has stopped using these data centers to back up to customers outside China.

Zoom is also currently developing end-to-end encryption solutions but it will take many more months to complete. Many of the problems stem from application being built to target corporate customers with their own IT security team, instead of targeting the general population today. The number of meetings per day on Zoom has increased from 10 million at the end of last year to 200 million. Currently, most Zoom users are using the free services.

Refer to Bloomberg