TeamViewer Hacked or Breached or Something

Users of the popular remote access tool have had their accounts abused and no one is exactly certain how.

Crosa / Wikipedia

If you’re a user of TeamViewer, the very popular “remote support, remote access, and online meeting software” for Windows, OS X, Linux, Chrome OS, iOS and Android, you might want to take a second to change all of your passwords. In fact, before you finish this article, before you learn why you should change your TeamViewer passwords, go change them right now to be really strong passwords and take down any copies you usually leave running that aren’t absolutely necessary … it’s that big a deal.

tv win mainwindow

Okay? Done? Good. The reason for my urging you to take immediate action is that through as yet undetermined means, someone or ones have managed to acquire an unknown but apparently huge number of TeamViewer account credentials and as a consequence, a number of TeamViewer users claim to have suffered huge financial losses.

This all came to light over the last few days and the reports of TeamViewer accounts being used as an entry point to rack up charges on users’ PayPal, eBay, and Amazon accounts. There are also claims that TeamViewer users who had set up two factor authentication have also had their accounts compromised. 


Over on Reddit there’s the Teamviewer Breach Masterthread which is filling up rapidly with reports, but the company behind TeamViewer claimed in a press release (oddly dated a week before the story emerged) that they haven’t been breached:

TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side. Therefore TeamViewer underscores the following aspects:

  1. Neither was TeamViewer hacked nor is there a security hole
  2. TeamViewer is safe to use and has proper security measures in place
  3. Our evidence points to careless use as the cause of the reported issue

TeamViewer’s technical response to this breach has been to add a “Trusted Devices” feature that requires you to authenticate every device you access your TeamViewer account from, as well as mandatory password resets for TeamViewer accounts that have shown suspicious activity.

Want to know if your account has been compromised? Go over to Have I been pwned? and take a look. And while you’re there, set up an alert for your domain.

Has the TeamViewer breach or whatever it turns out to be affected you?

Comments? Thoughts? Send me some closely surveilled feedback via email or comment below then follow me on Twitter and Facebook. The NSA does, why shouldn’t you?

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT