Zoom, the video conferencing app, has seen a sudden surge in popularity, as people are forced to work and study from home amidst the coronavirus (COVID-19) pandemic.
In yet another privacy blow, there are thousands of recorded Zoom video calls that are publicly viewable on the open web, according to a report from the Washington Post.
The exposed video calls on the internet include elementary school classes, therapy sessions, casual friend conversations, small business meetings and recordings involving nudity.
Several videos appear to have been recorded through Zoom’s software and saved to different applications without passwords. The issue lies in the way Zoom names each records file in an identical way, a simple online search can reveal a long stream of videos that allows anyone to download and watch them.
While Zoom doesn’t store the content of video calls by default, a call “host” – who starts the meeting, can choose to record them and save it either to their own computers or upload it to Zoom’s servers without participants’ consent or knowledge. However, the participants on a call do receive a notification when a host decides to start recording.
Washington Post notified about the issue to Zoom before it published the article in the newspaper. In an emailed statement, a Zoom spokesperson clarified that users should take “extreme caution” while uploading the recordings to the internet.
“Zoom notifies participants when a host chooses to record a meeting, and provides a safe and secure way for hosts to store recordings. Zoom meetings are only recorded at the host’s choice either locally on the host’s machine or in the Zoom cloud. Should hosts later choose to upload their meeting recordings anywhere else, we urge them to use extreme caution and be transparent with meeting participants, giving careful consideration to whether the meeting contains sensitive information and to participants’ reasonable expectations,” it added.
Recently, Zoom announced that the company will be freezing feature updates for three months to focus on fixing the security issues.