Submitted by admin on

WHAT HAPPENED?
There have been reports that credentials for remote access software TeamViewer may have been compromised.


WHEN DID IT HAPPEN?
Beginning Wednesday, June 1, 2016, and ongoing.


WHY DID IT HAPPEN?
TeamViewer users have reported that their TeamViewer credentials have been compromised and their computers accessed by unknown persons, in some cases leading to financial loss.  TeamViewer has denied that they've been hacked, claiming that the compromises are due to affected users using the same credentials that were exposed in recent social media breaches.  Additional information is available at http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/.


WHAT DO YOU NEED TO DO?
TeamViewer users should consider changing their credentials.  Users with TeamViewer installations that persistently listen for connections should consider enabling two-factor authentication in addition to changing their credentials (although some of the affected users reported that their computers were compromised even though they had enabled two-factor authentication).  Alternately, those users may wish to disable the application until additional information is available.

Users of the TeamViewer QuickSupport modules used by the TSO Help Desk should not be impacted by this.  However, the Help Desk is exploring alternate remote support offerings.


WHO SHOULD YOU CONTACT FOR QUESTIONS?
Feel free to contact the TSO Help Desk (CCB 148, 404-894-7065, helpdesk@cc.gatech.edu).