Zoom is all over everything and everyone! Kids doing classwork are having issues with inappropriate images showing up and now over 500,000 accounts are hacked.

What are you to do? I use Dashlane to easily keep track of my passwords and which passwords are used more than once or are compromised!

This is reprinted from Dashlane this morning. Get Dashlane HERE: http://bit.ly/savepwords

500,000 Zoom Accounts on the Dark Web

Cyble, a cybersecurity company, first noted the situation on April 1st: half a million Zoom accounts for sale on the dark web, available at a bulk price of $0.002 per account. Other accounts are reportedly being shared for free.

The video conferencing platform has been under intense scrutiny during an unprecedented moment when the world is depending on its technology more than ever. Following various issues, they halted all features development for 90 days in order to address the multiplying security concerns.

What information was compromised in this incident?

  • Email addresses
  • Passwords
  • Personal meetings URLs and host keys

The host key is a six-digit pin tied to a user’s account that is used to claim host controls for a meeting.

Was Zoom hacked?

No. The breached accounts appear to be an instance of credential stuffing, a type of attack in which hackers use previously stolen account credentials in a large-scale, automated attempt to gain access to a different company’s accounts.

Hank Green

@hankgreen

This is being discussed as a hack of Zoom, but Zoom didn’t leak the passwords. Hackers used previously-leaked username/password combos from other hacks to attempt to login to Zoom. Hackers found over 500,000 that worked. https://twitter.com/SAI/status/1249986400512024576 

Business Insider Tech

@SAI

Researchers found and bought more than 500,000 Zoom passwords on the dark web for less than a cent each http://www.businessinsider.com/500000-zoom-accounts-sale-dark-web-2020-4 

158 people are talking about this

What is the best way to protect yourself from this type of credential stuffing attack?

Stop reusing the same passwords on multiple accounts. All your accounts—but especially those that store sensitive information like credit card or social security numbers—should be protected with strong, unique passwords. A strong password has a minimum of 8 characters and includes a mix of uppercase letters, lowercase letters, numbers, and special characters. Here are some additional tips to help you get out of the habit of reusing passwords:

Use a password manager
The average person has over 150 accounts. That is too many complex, unique passwords for the human brain to remember. That’s where password managers, like Dashlane, can help. Dashlane has a built-in password generator to help you create strong passwords for new accounts and save them securely, plus in-app security alerts that notify you immediately when you need to change your passwords after a data breach.

Enable 2FA
You have the option to add extra protection with two-factor authentication (2FA), especially on sensitive apps like your social media and online banking accounts.

What can Dashlane users do?
Run a dark web scan. Dashlane’s Dark Web Monitoring scans the web for leaked personal data and sends you alerts so you can take action to protect your accounts.

How to keep your Zoom chats secure and private

There’s a reason Zoom is wildly popular. It’s incredibly simple and intuitive, but in removing all friction from its product, the company neglected crucial security elements—a decision they are currently reevaluating. In the meantime, here are some tips for making your Zoom conferences more secure:

Keep your Zoom link or code private
Don’t share it out on public channels or social media.

Set a meeting password
A password will keep unwanted people from crashing your meeting. Here is info on how to add a password.

Make a waiting room
This will let the host see all attendees and invite the appropriate people to join the meeting. Here’s how.

Update to the latest version of Zoom
Zoom has shifted resources to fixing the security issues so make sure to keep the app updated as changes come in. More info here.

Dashlane Team

Dashlane is a mobile and desktop app that gives you a shortcut for everything you do online. Log in instantly, fly through forms, and breeze through checkouts on every device you own.