Cybersecurity firm finds more than 500,000 Zoom accounts for sale on the Dark Web

Popular video-conferencing app Zoom has had its share of privacy and security issues in recent months. Its CEO, Eric Yuan, had to pause the development of new features for the app in order to make sure to address the privacy concerns.

Now, BleepingComputer (via Mashable) reports about the discovery of over 500,000 Zoom account credentials for sale in the Dark Web and in hacker forums. Reportedly, the account credentials have been obtained by hackers via credential stuffing. This type of cybersecurity attack usually consists of hackers obtaining credentials (like email addresses and passwords) and using them with other accounts to try to gain unauthorized access to platforms.

Some of the stolen credentials are reportedly old and are not used anymore, but some are, unfortunately, valid. Cybersecurity intelligence firm Cyble informed BleepingComputer that they have started noticing Zoom accounts being sold around April 1st. Unfortunately, the available information also included personal meeting URLs, host keys, alongside emails and passwords.



Usually, vulnerable to credential stuffing users are people who use the same password on different platforms. Additionally, the stolen credentials might not be from a direct security breach of Zoom, but more likely, they have been gathered beforehand from databases of stolen user account info and then tested against Zoom accounts.

Reportedly, the cybersecurity company Cyble was able to purchase 530,000 credentials for $0.0020 per account in order to warn those users that their credentials are available on the Dark Web. The affected users can change their password and make sure to change it elsewhere, if they have used it on another platform as well.