We just had a unique issue come up that I wanted to share with everyone.

A learner reached out to one of our trainers to as if the remote class was in fact cancelled.
The trainer said that class was not cancelled and was informed that the learner had received an email that it was. The learner forwarded a screen shot of the email to the trainer, at their request.

Sure enough, the meeting ID number matched the upcoming webinar.

I was informed of this issue by the trainer and received the forwarded screen shot.
About 10 minutes later the trainer called me back and confirmed that the email listed as the sender was one of the people scheduled to attend today's class. The trainer and I were on the same page, as I was about to check the sender off of scheduled attendees before he called to confirm that this potential security breach was a false alarm.

The attendee that sent the email to all the other learners was attempting to email the trainer to confirm the class was still taking place and does not understand how this went out as an event cancellation either.

Could this have been someone randomizing meeting ID numbers to disrupt upcoming meetings, webinars, and remote classes? Sure. It's a buck shot approach, but then it is the easiest method of hacking and disruption out there.
Could this have been a disgruntled learner? Absolutely (for those questioning this one, one school I taught at used to get fake bomb threats in adult education from students angry about their test scores.)

So, why post this?

Well, for starters some of you may be new to Zoom and are on the community page to learn all you can. I hope this helps you in your self-study.

Second, if you are a Zoom Admin. you may get all manner of question from your users. Now you have one more possible answer for a user’s question, no need to reinvent the wheel, so your solution may be a bit easier.

Third, to reemphasize the point that as much as we are happy the issue was a simple mistake, security incidents do happen, and we must be willing to explore those possibilities. Security incidents are a matter of when, not if. Initially this was a security issue, and until proven otherwise I was going to do some reading to determine if this was a new malicious trend. Being a security professional, as well as educator and Zoom Admin., there is no shame in exploring this route, nor is there anything but relief when an issue turns out to be a false alarm. (We in security actually like false alarms.)

As stated earlier, I hope this helps some people who may come across a similar issue. Fingers crossed your issue is also a false alarm.