Popular videoconferencing service Zoom will shortly allow paying subscribers to opt out of Chinese servers when routing calls …
Paid users can opt of Chinese servers
One of the security concerns raised about the service is that encryption keys for meetings can be generated on a Chinese server regardless of whether anyone on the call is located there. It is widely believed that the Chinese government has access to encryption keys used in Chinese data centers, and as Zoom doesn’t support end-to-end encryption, that potentially allows eavesdropping on calls.
In a blog post, Zoom says that as of April 18, all paying subscribers will be able to opt out of Chinese data servers. Well, technically the company says you can opt into or out of any of its regional data centers, as it doesn’t want to upset China by naming it, but it’s obvious what has driven this move.
Although free users won’t get this option, the company says that most have nothing to worry about.
Now, paid Zoom customers will be able to customize which data center regions their account can use for its real-time meeting traffic […]
Beginning April 18, every paid Zoom customer can opt in or out of a specific data center region. This will determine the meeting servers and Zoom connectors that can be used to connect to Zoom meetings or webinars you are hosting and ensure the best-quality service.
500,000 Zoom logins sold
Around half a million Zoom logins are being sold on the dark web, reports BleepingComputer (via MacRumors). Data available includes email address, password, personal meeting URL, and HostKey.
It’s important to note that this isn’t from a data breach at Zoom: the credentials were apparently obtained from hacks elsewhere, and then tried on Zoom. The result was around 500k successful logins from people who use the same password on multiple websites and services.
If you’ve done this, you’ll want to change your Zoom password – and then ensure you use unique passwords for every website, service and app you use.