Over the last twenty-four hours, social media has been rife with rumours that users who installed video calling app Houseparty, often billed as Zoom for millennials, got their financial information or accounts on other apps hacked. However, those posts have been low on evidence, Naked Security points out, with a lot of this information being driven by forwards. Houseparty, which is owned by Epic Games of Fortnite fame, lashed out at the posts, putting out a million-dollar bounty for anyone who could prove that it’s a coordinated smear.
We are investigating indications that the recent hacking rumors were spread by a paid commercial smear campaign to harm Houseparty. We are offering a $1,000,000 bounty for the first individual to provide proof of such a campaign to email@example.com.
— Houseparty (@houseparty) March 31, 2020
This dramatic series of events comes at the heels of heightened focus on the security of video calling services such as Zoom, which was leaking users’ device information to Facebook even if they did not have an account on the social media network. As more and more people work from home in the wake of the COVID-19 pandemic, services like Zoom have seen a huge uptick in demand, sometimes several times more than what they were before the outbreak.
Yesterday, New York’s Attorney General Letitia James sent a letter to Zoom questioning its data privacy and security practices, the New York Times reported. She noted, among other things, that Zoom had been slow to address vulnerabilities “that could enable malicious third parties to, among other things, gain surreptitious access to consumer webcams [zoombombing].” She also questioned the categories of data that Zoom collects, and the entities with which it shares user data.