Zello tells users to reset passwords following suspected data breach

A sticky note on a laptop reading "password 12345678"

(Image credit: Getty Images)

Push-to-talk app Zello warns users to change their passwords immediately
It also told them to change the passwords for any other online service where they use the same one
The company did not explain what happened

Push-to-talk communications app Zello has warned users to change their passwords - and although it did not state why it was asking them to do so, the wording of the message suggests that the company suffered a data breach.

“Zello Security Notice - As a precaution, we are asking that you reset your Zello app password for any account created before November 2nd, 2024,” the warning reads, reported BleepingComputer.

This would suggest that login information for all accounts created before this date were exposed with unauthorized third parties. This doesn’t necessarily have to mean that the company was hacked.

Trust, but verify

Furthermore, information about such databases could have been shared with third-party partners, or other unauthorized entities, by mistake.

In any case, Zello is urging users to lock down their accounts: “We also recommend that you change passwords for any other online service where you may have used the same password.”

When storing passwords and other sensitive data, most organizations would encrypt them in a way that makes it almost impossible to read. Given the stark warning in this announcement, we could speculate that the Zello passwords were stored in plaintext, or in other easily readable format.

Zello is a push-to-talk communication app that functions like a walkie-talkie, enabling real-time voice messaging over Wi-Fi or mobile data. It is widely used for team collaboration, emergency response, and social interactions, offering private and public channels with low latency and high audio quality. Notably, it suffered a cyberattack in 2020, when it also asked all users to reset their passwords - raising fears this could have happened again.

The app is available for Android, iOS, and desktop devices, and reportedly has roughly around 140 million users.

Companies often keep large databases with sensitive data exposed on the internet, inadvertently. However, white hat hackers and security researchers often beat criminals to the punch with these discoveries, alerting the firms before significant harm can be done.

Hundreds of malware-laden fake npm packages posted online to try and trick developers
Here's a list of the best firewalls today
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Latest

Sony products on TR's blue Black Friday poster

Sony's gone Black Friday insane with record-low prices on headphones, earbuds, speakers, turntables and soundbars

See more latest ►

Trust, but verify

Are you a pro? Subscribe to our newsletter

You might also like

Most Popular