Zoom: Every security issue uncovered in the video chat app

And with that popularity comes its privacy risks extending to a greater number of people. From built-in attention-tracking features to recent upticks in "Zoombombing" (where uninvited attendees break into and disrupt meetings), Zoom's security practices have been drawing more attention -- along with three lawsuits against the company. 

Here's everything we know about the Zoom saga, and when it happened. If you aren't familiar with Zoom's security issues, you can start from the bottom and work your way up to the most recent information. We'll continue updating this story as more issues and fixes come to light.

April 6

Some school districts ban Zoom

School districts began banning teachers from using Zoom to teach remotely in the midst of the coronavirus outbreak, citing security and privacy issues surrounding the videoconferencing app. New York's Department of Education urged schools to switch to Microsoft Teams "as soon as possible," Chalkbeat reported.

Zoom accounts found on the dark web

Cybersecurity firm Sixgill revealed that it discovered an actor in a popular dark web forum had posted a link to a collection of 352 compromised Zoom accounts. Sixgill told Yahoo Finance that these links included email addresses, passwords, meeting IDs, host keys and names, and the type of Zoom account. Most were personal, but not all.

"One belonged to a major US healthcare provider, seven more to various educational institutions, and one to a small business," Sixgill told Yahoo Finance. 

Zoom seeks to grow its lobbying presence in Washington

Zoom's response to security concerns pivoted to Washington, DC. The company told Politico it was looking to grow its lobbying presence in Washington, and had hired Bruce Mehlman, a former assistant secretary of commerce for technology policy under President George W. Bush. 

Urging an FTC investigation

In an open letter, the Electronic Privacy Information Center urged the Federal Trade Commission to investigate Zoom and issue privacy guidelines for videoconferencing platforms. 

Sen. Richard Blumenthal, a Connecticut Democrat more recently known for spearheading  legislation that critics say could cripple modern encryption standards, called on the FTC to investigate Zoom over what he described as "a pattern of security failures and privacy infringements." 

Third class action lawsuit filed

A third class action lawsuit was filed against Zoom in California, citing the three most significant security issues raised by researchers: Facebook data-sharing, the company's admittedly incomplete end-to-end encryption, and the vulnerability which allows malicious actors to access users' webcams.