How to Protect Your Zoom Account From Recent Data Breaches
There are over 500 thousand hijacked. Zoom in logins floating around the dark canvas . This is not good, especially since they sell for almost nothing, but it’s a great reminder that you shouldn’t use the same credentials for different services .
You can revoke and prevent any unwanted access to your account with the appropriate tools and security settings, but this is not necessary. In this case, the Zoom was not violated; all accounts are byproducts of data leaks in other services, and logins and passwords were simply used to log into users’ Zoom accounts. From there, the user’s face-to-face meeting URLs and host keys were copied and dumped into one large archive of stolen credentials.
Step 1. Check which of your accounts was involved in the data breach.
To get started, use a free service like Have I Been Pwned or pwdquery to see if the email address or passwords associated with your Zoom login are roaming the web. If so, you should start updating your various accounts with new unique passwords and strong security settings such as two-factor authentication .
Even if your email passes the Have I Been Pwned check, it’s still worth updating your Zoom password, especially if you tend to use the same passwords for multiple accounts. Stop doing that. If you’re worried about remembering all these new passwords, try using a password manager to keep them in one place.
Step 2. Check the scaling settings
If you suspect that someone may have accessed your (paid) Zoom account, you will definitely want to change your personal meeting ID so that its further use is not subject to zombies. You will also want to change your six-digit host key , the critical number that allows you to accept scheduled appointments as their host. Changing this through your Zoom profile is very easy:
I also recommend clicking on that tiny link at the bottom – “Log out from all devices” – after you’ve updated your password.
If you’re on a paid plan or are part of your company’s Zoom account, try visiting the security settings page on your profile and turning on two-factor authentication. If you can, it will save you the pain if or when someone steals your credentials in the future. (Why Zoom can’t just roll out this feature to everyone, paid or free, I’ll never know.)