Share this article on:
Push-to-talk walkie-talkie app Zello has requested that its users reset their passwords following what appears to be a security incident.
Zello, which is used by 140 million users, including first responders, transport workers, hospitality staff and more, pushed a notice over the last two weeks, starting 15 November, requesting that users reset passwords.
“Zello Security Notice – As a precaution, we are asking that you reset your Zello app password for any account created before November 2nd, 2024,” said the notice.
“We also recommend that you change your passwords for any other online services where you may have used the same password.”
Customers have otherwise not received any news as to why the passwords need to be reset. However, the specific date of before 2 November and the password reset suggests that a security incident may have resulted in threat actors gaining access to passwords in what could be a data breach, ransomware attack, or credential stuffing attack.
Additionally, a data breach in July 2020 saw Zello reset its users’ passwords.
“On July 8, 2020, we discovered unusual activity on one of our servers. We immediately initiated an investigation, notified law enforcement and engaged a leading independent forensics firm to help,” said Zello.
“Through this investigation, we learned that it is possible that an unauthorised party may have accessed the email addresses used by our users on their Zello accounts and a hashed version of their passwords.”