A Zoom bombardment of an online Bible study session prompted a San Francisco church to file a class action lawsuit against Zoom on the grounds that the video conferencing company is failing to protect users.
Saint Paulus Lutheran Church filed the class action lawsuit on Wednesday trial after a hijacker infiltrated a church Bible study session last week to show child pornography to attendees, many of whom were elderly.
The church had hosted the Zoom Bible study session in the aftermath of COVID-19. Last week’s reunion session, including the URL link to it, was also promoted on the church’s Facebook and Twitter posts. But according to the lawsuit, the session was password protected.
However, an intruder named “Christine (iPad)” managed to break into the meeting. “Immediately after the robbery, pornographic video footage began to run on all participants’ computers in full screen mode and with loud audio,” the lawsuit said. “Some of the footage involved physical abuse of children, in addition to sexual acts.”
The video host and participants attempted to stop screen sharing and kick the intruder out. But according to the lawsuit, none of the security features advertised by Zoom worked. Eventually, the video host and participants “signed out of the meeting and reconnected, hoping to get rid of the intruder.” But the lawsuit says the hijacker only returned to show more child pornography, leaving Bible study participants “traumatized and deeply disturbed.”
The church administrator then reported the incident to Zoom. In response, the company said it had identified and prevented the intruder from joining Zoom meetings in the future. “But Zoom refused to take any further steps to remedy the situation or improve the security of its videoconferences,” the lawsuit said. “Shockingly, Zoom admitted that the intruder was a ‘known serial offender who disrupts public meetings by showing the same video’, and had been reported to authorities on several occasions.
“It is disconcerting to say the least how Zoom failed to protect Saint Paulus’ Bible study class from a ‘serial offender’ who has been ‘repeatedly reported to authorities’,” he adds. trial.
Zoom declined to comment on the lawsuit. But to this day, users continue report undergo Zoom bombing attacks on video conferencing service.
A month ago, the company started trying to strengthen the security and privacy features of the product, which introduced new protections, including requiring passwords for previously scheduled meetings and enabling the “waiting room” function for all users. However, the security features may not be easy to understand for all users. (For tips on preventing Zoom bombardment attacks, see our guide.)
Saint Paulus Lutheran Church, on the other hand, says Zoom could do more to protect users, but refuses to do so.
“Zoom prioritizes profits and revenues over data protection and user safety as millions of users in the United States have registered with Zoom on the basis of its bogus advertisements and rely on the Zoom platform to carry out their activities during this pandemic, ”adds the lawsuit.
Recommended by our editors
The church says Zoom has tricked consumers into making promises of security and privacy that have never been kept. Much of the lawsuit references media reports of how Zoom failed to deliver end-to-end encryption as previously reported, and share device data with Facebook without making the policy explicit or asking for consent.
The lawsuit seeks damages and demands that the court prohibit Zoom from engaging in “negligent, unfair, illegal and fraudulent” business practices.
Update: In a statement, Zoom said: “We were deeply moved to hear of this incident, and our hearts are with those affected by this horrific event. Words cannot express how strongly we condemn such behavior. . On the same day, we learned of this incident, we identified the offender, took steps to block his access to the platform and reported it to the appropriate authorities. “
“We encourage users to report any such incident to Zoom so that we can take appropriate action or directly to law enforcement authorities. We also encourage all meeting hosts to take advantage of newly released security features. update Zoom and follow other best practices, including making sure you don’t share meeting IDs and passwords widely online, as appeared to be the case here. “
Do you like what you read ?
Register for Security watch newsletter for our best privacy and security stories delivered straight to your inbox.