Zoom cancels all work on new features after latest security alerts

Andrew Griffin
People pass walk by the Nasdaq building as the screen shows the logo of the video-conferencing software company Zoom after the opening bell ceremony on April 18, 2019 in New York City: Kena Betancur/Getty Images

Zoom has cancelled all work on new features and will instead focus on its security and privacy.

The company's founder and chief executive Eric Yuan apologised to users after a run of problems with the app and outlined a plan to improve it over the next 90 days.

He admitted that the app has struggled with the vast number of new users that have come to it in recent weeks. As well as a rapid increase in the use of the platform, the extra scrutiny has brought attention to a host of security and privacy bugs within the app.

Mr Yuan confirmed that for the next 90 days, all new feature development was being frozen to instead focus engineering resources on security issues.

"To put this growth in context, as of the end of December last year, the maximum number of daily meeting participants, both free and paid, conducted on Zoom was approximately 10 million. In March this year, we reached more than 200 million daily meeting participants, both free and paid," Mr Yuan said in a blog post.

He said supporting the arrival of so many new users had been a "tremendous undertaking" but recognised the platform had "fallen short" of privacy and security expectations.

The Zoom founder added that he "deeply sorry" and confirmed the company would also conduct a security review with third-party experts and publish a transparency report.

Zoom's rise in popularity has seen Prime Minister Boris Johnson use the service to chair a virtual Cabinet meeting, while millions of others have begun using the service for work and study as well as to stay in touch with friendship groups.

But concerns have been raised about security and privacy on the platform, including "Zoombombing", where strangers enter a meeting and harass those taking part or display explicit material.

These incidents exploited a Zoom feature which leaves meetings open to anyone unless locked by the host and forced the company to publish online guidance on how to protect calls.

Cyber security experts have also raised concerns about Zoom's practices in the past, such as previous flaws and now altered features, including one tool which raised privacy concerns because it allowed meeting hosts to check if other attendees clicked onto another window on their screen during the call.

Another previous issue with the platform saw hackers able to hijack a user's webcam.

The company has also apologised for misleading users by incorrectly suggesting Zoom video meetings used end-to-end encryption, which it had previously stated on its website.

"Transparency has always been a core part of our culture," Mr Yuan said.

"I am committed to being open and honest with you about areas where we are strengthening our platform and areas where users can take steps of their own to best use and protect themselves on the platform."

Additional reporting by agencies

Read more

Is Zoom safe and can it be hacked?