In 2020, people of the world experienced a lot of new and not-so-exciting things. Like being confined to their homes and adapting to working from home. Most of us turned to (now) popular video conferencing platform Zoom for the latter. Not long after, a new phenomenon called zoombombing made its appearance, now the platform is paying for it.
Zoom, the company behind the software, has agreed to pay a settlement of $85 million in a lawsuit regarding its privacy and security. The lawsuit was brought forward by users who had been affected by the elusive ‘zoombombers’ which reportedly came about thanks to dodgy security practices.
Zoombomb for what?
Zoombombing is the practice of uninvited trolls crashing a Zoom meeting and causing some kind of chaos, or just snooping, spying or being a virtual delinquent.
While it doesn’t sound particularly dangerous, corporates and governments could give away trade secrets or sensitive information without knowing a lurker’s taking notes. One of Stuff’s journalists attended an event hosted by a noteworthy tech company, in which a zoombomber proceeded to draw specific male anatomy across the presentation. A similar scenario struck the SA National Assembly after it posted the password to the meeting on Twitter. We’re certain that one wasn’t Zoom’s failed security’s fault, though.
According to the suit, Zoom overtly shared data with other social media platforms like Facebook, Google, and LinkedIn without permission. The company agreed to pay for damages following a suit in the US District Court of California.
“The settlement, announced on Saturday, still needs the approval of U.S. District Judge Lucy Koh in San Jose, California, but assuming it goes through, Zoom customers can expect to receive a 15% refund on a portion of their subscription fee or $25, whichever is greater. Zoom subscribers outside of the suit could receive a payment of up to $15,” Digital Trends details.
The video conferencing platform will also have the responsibility of increasing security within the platform, and its employees will need to attend basic security anonymous. Ahem… we mean, a special training course on handling data and implementing privacy measures online.
