TeamViewer confirms compromised accounts, blames other services

TeamViewer has confirmed that an unspecified number of accounts on the remote desktop support service have been compromised.

In a blog post discussing new security features, the company included an open letter to TeamViewer users, informing them of the news.

The company pinned the blame on compromised services elsewhere though.

“As you have probably heard, there have been unprecedented large scale data thefts on popular social media platforms and other web service providers. Unfortunately, credentials stolen in these external breaches have been used to access TeamViewer accounts, as well as other services,” the firm explained.

Read more: 427m leaked passwords surface from enormous 2013 MySpace data breach

“We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users. They have taken advantage of common use of the same account information across multiple services to cause damage.”

The company reassured users that their password information wasn’t stored, as the service used the “Secure Remote Password” protocol.

Shoring up defenses

As a result of the compromised accounts, the company revealed two major security improvements, starting with Trusted Devices.

“The Trusted Devices feature ensures that whenever your existing TeamViewer account attempts to sign in on any given device for the first time, we will ask you to confirm the new device as trusted before signing in,” the developer said. An alert will ask users to approve the device via a link sent to their email address.

The second security improvement will see the service take action if it detects strange activity on your account.

“The system determines continuously if your TeamViewer account shows unusual behaviour (e.g. access from a new location) that might suggest it has been compromised. To safeguard your data integrity, your TeamViewer account will be marked for an enforced password reset.”

Otherwise, the team called on users to enable two-factor authentication, to use unique login details for each account in general and to implement “reliable” anti-malware and security programs.