TeamViewer Blames Users ‘Careless’ Security for Hack

TeamViewer is a popular application among Twitch streamers and the gaming community engaging in fun online competitions. The software is incredibly useful and caters to over 200 million users. Recently, many users  voiced their anger on Reddit over an alleged hack. They claimed that their accounts were compromised and hackers could access confidential information. The company released a statement addressing these concerns which read:

“TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.

Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. We have no evidence that these issues are related.

The truth of the matter is:

1. TeamViewer experienced network issues because of the DoS-attack to DNS servers and fixed them.
2. There is no security breach at TeamViewer.
3. Regardless of the incident, TeamViewer continuously works to ensure the highest possible level of data and user protection.

Even though the server outage is not in any way related to the below mentioned advice, TeamViewer would like to reaffirm:

Careless use of account credentials remains to be a key problem for all internet services. This particularly includes the use of the same password across multiple user accounts with various internet services.

In addition, users might unintentionally download and install malware programs. Yet once a system is infected, perpetrators can virtually do anything with that particular system – depending on how intricate the malware is, it can capture the entire system, seize or manipulate information, and so forth.

TeamViewer strongly recommends:

• Users should avoid all affiliate or adware bundles: While users may think they are just downloading a harmless program, the software could in fact install something else.
• Users ought to download TeamViewer only through the official TeamViewer channels such as the TeamViewer website https://www.teamviewer.com
• Users should protect any user account – whether it is with TeamViewer or any another supplier – by using unique and secure passwords that are frequently changed.
• Users should ensure they have reliable anti-malware and security solutions in place at all times.

The TeamViewer support team is happy to answer any potential technical issues or queries at: https://www.teamviewer.com/en/support/contact/submit-a-ticket/

TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their cases. This is particularly important because TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.”

According to TeamViewer, the service was affected by a denial-of-service attack which targeted the company’s infrastructure. Furthermore, they suggest there is “no evidence” that the attack was linked to any data breach and blames people for “careless use of account credentials”. While there is some merit to this theory and many users probably opt for weak passwords, it’s absurd to suggest this is the case for everyone. It’s still unknown if a data loss occurred as part of a hack, but this isn’t the best way of dealing with it from a PR stance.

Image courtesy of FileHippo.