Zoom meeting codes leaked on public forum

Users share Zoom meeting IDs via Discord channel on Zoom Leaks. Zoom promises webinars on privacy and security guidelines.

Share this Intel:

A website called Zoom Leaks advertises itself as a public forum used to share session codes, on the popular live conference software zoom.us. We found that site members post meeting IDs for unsecured Zoom meetings. 

Zoom Leaks HomepageThe forum currently has codes for AA meetings, school classes, and even religious meetups.

Zoom codes for different types of meetings

The forum also claims that they have access to Zoom servers and have thousands of Zoom codes that will be released on their Discord channel: gg/3deQgE. It is also notable that most users are sharing the codes via Discord and not directly on the forum.

Zoom meeting IDs and passwordsWhile there’s not much clarity on how these details were leaked, we suspect that the recently disclosed vulnerabilities such as: one bug that allowed uninvited guests to join meetings, and another UNC path injection bug that let attackers steal Windows login credentials, could have been exploited.

In response, Zoom has released patches for these vulnerabilities and has promised weekly webinars to provide privacy and security guidelines.

Xvigil data leak banner

Be informed about these Threats in your Inbox

Sign up now to our Threat intelligence Newsletter and be the first to know about these threats first in your inbox.