Security News

US Church Sues After Bible-Study Class is 'Zoombombed' with Child Pornography

Video chat company Zoom is being sued by a California church, after an attacker hacked users' computers and played "sick and disturbing videos".

Saint Paulus Lutheran Church, one of the oldest churches in San Francisco, alleges in its lawsuit that "Zoom allowed a 'known offender' — one who 'has been reported multiple times to the authorities' — to Zoombomb Saint Paulus's May 6, 2020 bible-study class ... The footages were sick and sickening - portraying adults engaging in sex acts with each other and performing sex acts on infants and children, in addition to physically abusing them."

Most of those 'attending' the video meeting were senior citizens who, when they attempted to end the video session and start again, were met with another attack.

"(They) had their computer screens hijacked and their control buttons disabled while being forced to watch pornographic video footages," stated the suit.

Zoom responded via a statement, condemning what happened as a "horrific event".

"We were deeply upset to hear about this incident, and our hearts go out to those impacted," said the company. "Words cannot express how strongly we condemn such behavior. On the same day we learned of this incident, we identified the offender, took action to block their access to the platform and reported them to relevant authorities."

The worldwide lockdown brought about by the COVID-19 pandemic has seen a surge in Zoom's popularity as video conferencing software. However, this has brought it to the attention of hackers and the FBI has received multiple reports of 'Zoombombing' i.e. calls being hijacked and participants bombarded with pornographic and/or hate images and threatening language.

On April 1 this year, Zoom's CEO Eric Yuan apologized in a blog, stating: "We recognize that we have fallen short of the community's - and our own - privacy and security expectations. For that, I am deeply sorry."

At the end of April, the company released an updated Zoom 5.0. Among other things, the update allows hosts to "report users to Zoom’s Trust & Safety team, who will review any potential misuse of the platform and take appropriate action" and participants to "lock meetings after everyone has arrived to prevent any unwanted disruptions."

. . .

If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.

Receive alerts for vulnerabilities, zero-days, security news and more

Try our FREE 14-day trial. See an example email

Example email for SecAlerts