Zoom Management Sued For Making $173 Million By Selling “Inflated” Shares

This is not investment advice. The author has no position in any of the stocks mentioned. WCCF TECH INC has a disclosure and ethics policy.

The outbreak of the coronavirus ensured that all major stock market indexes sank to record lows within weeks as investors panicked and populations retreated indoors to halt the spread of the deadly disease. At the same time, share prices of companies that had based their operations and services on the internet witnessed near-meteoric rises in stock price.

One such company, as we've pointed out in the past as well, is communications service provider Zoom Video Communications (NASDAQ:ZM). Zoom, which is a recent entrant on the NASDAQ stock exchange, witnessed unprecedented levels of demand for its services this year as work and study from home requirements enforced by the coronavirus required people to communicate with each other online.

Zoom Becomes the Only App to Have Access to Private iPad Camera API for Multitasking

Yet, marring its success on the stock market and on consumers' devices, Zoom witnessed a flurry of sensationalist reveals for its services through the better part of this year. These covered details about how the company's platforms are not truly encrypted, to how its encryption keys are routed through servers in China and reports of video calls between its users being interrupted by hackers. These reports followed a 2019 discovery by researchers who showed that Zoom's flaw could let attackers easily access a Mac's webcam.

A new lawsuit filed against the company's board of directors takes all these events into account and holds them responsible for not only failing to perform their fiduciary duties but also for profiting off of an inflating share price that did not account for all the aforementioned flaws.

July 9, 2019: A screenshot from researcher Jonathan Leitschuh's proof of concept link showing a vulnerability in Zoom's software that allowed attackers to access a Mac's webcam. (Image Credit: Jonathan Leitschuh)

Zoom Management Sued By Shareholder for Breach of Responsibility and Unjust Enrichment

The suit has been filed by an investor and its relevant time period starts from a handful of days prior to Zoom's initial public offering (IPO) and extends to the present day. Through his attorneys, the petitioner systematically lists down several events and disclosures about Zoom's services chronologically and uses these to assert that the management made false and misleading statements on Form S-1 (Registration Statement) filed with the Securities and Exchange Commission (S.E.C) prior to Zoom's IPO on April 18, 2019.

The events and security breaches referred to by the lawsuit (listed chronologically) are:

  • A report in July last year by security researcher Jonathan Leitschuh that surfaced in July 2019 and highlighted how attackers could access the webcam of a device running macOS and running Zoom.
  • A reveal early this year showing how Zoom collected and sent user data to Facebook – user's having a Facebook profile was not a precondition for this transmission, and the information being sent to Facebook covered details such as the model of a user's device, their location, their time zone and their network service provider. The company terminated this transmission at the end of March.
  • Zoom admitting to The Intercept in April that the company's communications services were not truly end-to-end encrypted. Following this, SpaceX and NASA banned their employees from using Zoom for official business owing to the sensitive nature of the organizations' meetings.
  • An investigation by research organization The Citizen Lab that revealed how the encryption keys for Zoom's video conferences were transmitted via China.
  • A reveal by YahooFinance on how 352 Zoom accounts were available for sale on the Dark Web. While this is listed in the suit, this report was followed by another that claimed up to 500,000 Zoom accounts were also available on the dark web – the latter report has not been mentioned in the suit.
Some of the half-million Zoom accounts that The Bleeping Computer had reported in April were up for sale on the dark web. (Image Credit: The Bleeping Computer)

Lawsuit Alleges Zoom's Management Sold Shares Worth $173 Million While Share Price Was Artificially Inflated 

Zoom Decides to Offer Encryption Plans for All Users in July

The complainants allege that the defendants either had prior knowledge of some or all of these flaws or that they failed in their fiduciary responsibilities to shareholders by being willfully or unwillfully ignorant of these flaws in Zoom's product. Additionally, the complainant directly names Zoom's chief executive officer Eric Yuan and five other executives for selling their company shares prior to all of the aforementioned vulnerabilities and therefore profiting from what the plaintiff alleges was an "artificially inflated" share price.

By selling the shares before Zoom's price took a hit following the security and encryption problems coming to light, the plaintiff alleges that six of Zoom's current board members sold roughly $173 million worth of shares. Out of this,

  • Zoom C.E.O. and founder Eric Yuan sold shares worth $59.4 million shares starting from April 2019 and up to April 2020.
  • Zoom's chief financial officer Kelly Steckelberg sold shares worth $5.4 million between October 2019 and April 2020.
  • Zoom's chairman of the audit committee Jonathan Chadwick sold shares worth $11.7 million between February and April 2020.
  • Zoom's director Carl Eschenbach sold shares worth $43 million between April 2019 and April 2020.
  • Zoom's director Kimberly Hammonds sold shares worth $5 million between October 2019 and April 2020.
  • Zoom's chairman of the nominating and corporate governance committee Santiago Subotovsky sold shares worth $48 million between April 2019 and April 2020.
Some of the directors' share sales visualized to provide a better sense of heir alleged profiteering. (Data Credit: Koyfin, additions by Wccftech)

The lawsuit ends by imploring the court to award Zoom the damages that the company has incurred to the defendants' alleged misconduct, to direct the company's management to amend the company's bylaws to ensure that shareholders have greater insight into the company's operations and ensure that Zoom's C.E.O is unable to influence the board's selection due to his ownership of the company's Class B stock that entitles each share ten votes by ensuring the shareholders can nominate five directors to the board.

The lawsuit has been filed in The United States District Court For the District of Delaware under the title Gervat v. Yuan et al, case number 1:20-cv-00797.