Author Topic: Teamviewer may have been hacked  (Read 5512 times)

DougO

  • Newbie
  • *
  • Posts: 3
Teamviewer may have been hacked
« on: June 02, 2016, 11:12:10 AM »
Check the news. I'm shutting it down until I find out if it's safe or not.

Doug

TeamViewer

  • Jr. Member
  • **
  • Posts: 85
    • TeamViewer - Free Remote Access and Remote Desktop Sharing over the Internet
Re: Teamviewer may have been hacked
« Reply #1 on: June 03, 2016, 08:03:40 AM »
Hi Doug,

Protecting your personal data is at the very core of everything we do. As you may already know, there have been unprecedented large scale data thefts on popular social media platforms and other web service providers.

Unfortunately, credentials stolen in these external breaches have been used to access TeamViewer accounts. We are appalled by the behavior of these cyber criminals.

It is important to underscore that TeamViewer account authentication uses the Secure Remote Password protocol, and therefore does not store any password-equivalent data. To do our utmost to help our users, and to further strengthen the protection of your data against these hijacks of cyber criminals, we are globally rolling out improved security measures today in a two-fold approach:
  • Trusted Devices
  • Enforced TeamViewer account password reset
Please find more information on this matter, and on the two measures in our official statement: https://www.teamviewer.com/en/company/press/teamviewer-launches-trusted-devices-and-data-integrity/

Best regards,
Fabian – TeamViewer

Danl

  • Full Member
  • ***
  • Posts: 131
Re: Teamviewer may have been hacked
« Reply #2 on: June 06, 2016, 06:37:53 PM »
Teamviewer has evidently looked at this with some care and decided that poor passwords, or user compromising of passwords is almost always the reason for these hacks. Yes, if your machine is hacked, and you keep your Teamviewer passwords on that machine, you've given baddies the key to all of your machines.

http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/

One other noteworthy point is that if you have a limited number of computers on your TeamViewer network (computers that routinely connect to each other) it is a super-good idea to have them whitelist each other. That's simply done in the TeamViewer security pane. That is, you're telling a given machine which other machines it will even consider allowing to connect to it. I use these whitelists religiously.