How is Lusha harvesting private email addresses from Zoom?

I could not find a suitable topic, so I’ll post it here, as API and Webhooks is the dept. that I’m most active in.

We have about a dozen of freelance teachers working for our organization. Each of them have their own Zoom account through our Business subscription. In order for them to be able to recieve messages from the Zoom platform (sign-in codes mostly), I’ve created email forwarders for them, and these are used for their Zoom username as well.

But: these forwarders are never(!!!) shared with anyone, nor published anywhere. Yet, some shady data-harvesting companies (Lusha, Slintel) seem to have access to these addresses. How? The only leak I can think of is: Zoom itself.

Is Zoom selling these email addresses? Are these organizations using illegal methods to obtain Zoom-related email addresses? Any information welcome.

1 Like

Frustrated by data leak! Freelance teachers’ Zoom emails (used for login) are being harvested by Lusha & Slintel despite email forwarding and secrecy. Suspecting Zoom is selling data or these companies use shady methods. Seeking info on the source of the leak.

I’m not sure what you’re suggesting here. Are more people affected by this?