Zoom Sued For Security Lapses, Hires Ex-Facebook Security Boss Stamos

Popular video conferencing app Zoom Video Communications has hired Alex Stamos as an advisor as it scrambles to respond security and privacy concerns.

Stamos is formerly the security boss at Facebook, and prior to that he was the security chief at Yahoo. He also had previous stints at Loudcloud and NCC Group Domain Services, ISEC Partners, and security firm Artemis.

Meanwhile Zoom has also been slapped with a lawsuit from a Zoom shareholder, accusing the video-conferencing app of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted.

Image credit: UK Government/Twitter

Stamos hire

The role of Alex Stamos is, according to Reuters, as a Zoom adviser and the firm has additionally set up an advisory board to improve its privacy and security.

Last week chief executive Eric Yuan said he recognized “that we have fallen short of the community’s – and our own – privacy and security expectations. For that, I am deeply sorry, and I want to share what we are doing about it.”

Usage of Zoom has spiked during the Coronavirus pandemic, and has seen the company’s shares rise dramatically over the past few weeks.

For example, the British government held its first-ever video-conferenced Cabinet meeting a couple of weeks ago, and even the Prime Minister Boris Johnson tweeted a photo of himself using the application, in which a meeting ID was visible.

The British government also pushed back amid criticism from some quarters over its use of Zoom. It said Zoom was used as many ministers were self-isolating at home, with no access to official government video conferencing systems.

Zoom criticism

But there has been criticism of the app over the lack of end-to-end encryption of meeting sessions, as well as routing of traffic through China.

There has also been criticism of “zoombombing”, where uninvited guests crashed meetings.

The hiring of Stamos is somewhat ironic considering that he had been tweeting in late March, calling for Zoom to be more transparent and roll out a 30-day security plan.

Following those tweets, Zoom’s Eric Yuan called up Stamos, asking him to help the company build up its security, privacy and safety capabilities as an outside consultant, Reuters reported.

“To be clear, I am not an employee or executive of Zoom and I don’t speak for the company,” wrote Stamos in a blog post. I have refrained from any public comment on Zoom or discussions with journalists since my call with Eric, but in the interest of transparency I think it’s important to disclose this work.

“Zoom has some important work to do in core application security, cryptographic design and infrastructure security, and I’m looking forward to working with Zoom’s engineering teams on those projects,” Stamos wrote.

Zoom lawsuit

Meanwhile Zoom has also been hit with a lawsuit from a shareholder, Reuters reported.

The lawsuit filed in the US District Court for the Northern District of California, accused Zoom of overstating its privacy standards and failing to disclose that its service was not end-to-end encrypted.

Shareholder Michael Drieu claimed in a court filing that a string of recent media reports highlighting the privacy flaws in Zoom’s application have led to the company’s stock, which had rallied for several days in the beginning of the year, to plummet.

Zoom did not respond to a Reuters request for comment.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago