Just this morning, TechSpot reported that a security hole in Skype’s password recovery mechanism has allowed any account to be hijacked by knowing only an account’s username and email address. This security issue is now being addressed after Russian reports of hijacking accounts surfaced a couple months ago. It wasn’t until today that they saw evidence of any action being taken. Skype has since pulled its password reset page and is promisng to investigate the problem. This is the statement posted this morning on the Skype blog:
We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the inconvenience but user experience and safety is our first priority.
The security problems associated with Skype, and Skype’s lack of statements regarding their adequacy for healthcare have been evident for years. It is evident by simply reading their website and comparing it to those developed by video platform companies offering health-grade video platforms for health care professionals. The TeleMental Health Institute has been reporting on Skype’s problems for several years in this blog. Run a search on the term “Skype” by using the search box in the upper right corner of this blog page for several other key posts about Skype. You might especially be interested in reading our blog post about the National Association of Social Worker’s legal statements regarding Skype: NASW Frowns on the Use of Skype for Mental Health Practice. We offer several webinars for 1 CE and a 3-unit post-graduate course offering 3-CEs to professionals who want to know more about Skype and alternative video platforms.