$ZM: Security Concerns Resurface — $150M Settlement Overhang Persists

Court: N.D. California

Case: 3:20-cv-02353

A new phishing campaign exploiting Zoom and Microsoft Teams to infiltrate over 900 organizations is raising questions about collaboration software security. While Zoom has recently shown earnings strength, its $150M settlement tied to past encryption failures continues to cast a long shadow for investors.

• Hackers using fake Zoom/Teams invites to install spyware across 900+ organizations.
• Attackers leveraging ConnectWise ScreenConnect to gain administrator access.
• Education, healthcare, and financial sectors hit hardest (over 33% combined share).
• Security analysts warn this represents a shift from password theft to social engineering.
• Zoom still managing positive analyst sentiment, but its privacy record faces renewed scrutiny.

Timeline Overview

• Jul 2019 – Encryption flaws in Zoom software revealed.
• Mar 26, 2020 – Reports show data vulnerable to Facebook and third parties.
• Mar 27, 2020 – ZM falls nearly 20% in a single day.
• May 18, 2020 – Investors sue over misleading encryption claims.
• Jul 12, 2023 – $150M settlement reached with investors.

Allegations Include

• Misrepresenting “end-to-end encryption” capabilities.
• Sharing sensitive user data with third parties.
• Downplaying vulnerabilities in Zoom’s platform.
• Misleading investors on security and compliance risks.

Investor Update

Zoom’s $150M settlement resolved claims tied to its encryption disclosures and data-sharing practices. While litigation is settled, heightened risks around software security underscore ongoing investor caution.

You can check more information about it HERE.