Zello, a push-to-talk communications app, has asked users to change their passwords. It doesn’t explain why they were asked to change them, but the wording of the message suggests the company has suffered a data breach.
“Zello Security Alert – As a precaution, we ask you to reset your Zello app passwords for all accounts created before November 2, 2024,” the alert reads, BleepingComputer reported.
This indicates that credentials for all accounts created before this date have been made available to unauthorized third parties. This doesn’t necessarily mean the company has been hacked. Either way, Zello is urging users to lock their accounts. “We also recommend changing passwords for other online services where you may have used the same password.”
Most organizations encrypt passwords and other sensitive data when they store them, in a way that makes it nearly impossible to read. Given the dire warning of this announcement, we can speculate that Zello passwords were stored in plain text or other readable formats.
Zello is a push-to-talk communications app that works like a walkie-talkie, allowing real-time voice messaging over WiFi or mobile data. It is often used for team collaboration, emergency response, and social interaction, providing private and public channels with low latency and high audio quality. Notably, in 2020, the company was the victim of a cyber attack that forced all users to reset their passwords, raising fears that it could happen again.
Companies often leave large databases of sensitive data unintentionally exposed on the internet. However, white hat hackers and security researchers often use their discoveries to predict criminals and warn companies before too much damage is done.