In a recent security issue, TeamViewer, a prominent remote access software firm, discovered a compromise in its internal corporate IT infrastructure.
The organization reacted quickly, engaging its response team and launching an investigation with cybersecurity professionals.
While the specifics of the attack are still being investigated, TeamViewer assures customers that the hack was confined and did not affect their main product or any customer data.
TeamViewer is a German establishment that is well-known for its remote monitoring and management (RMM) software, which is used by over 600,000 customers.
The US Health Information Sharing and Analysis Center (Health-ISAC) issued a notification, which the American Hospital Association (AHA) acknowledged, warning about threat actors aggressively leveraging TeamViewer.
The company’s statement specifically mentioned threat actors associated with APT29, also known as BlueBravo, Cozy Bear, and other names, who are believed to have ties to the Russian Foreign Intelligence Service (SVR).
“Current investigation findings point to an attack on Wednesday, June 26, using the credentials of a regular staff account within our Corporate IT environment.
This behavior, along with our external incident response support, is presently attributed to the threat actor known as APT29 / Midnight Blizzard.”
#TeamViewer updated their public statement https://t.co/NzzXKIxZUH pic.twitter.com/07UN9L5CnH
— Florian Roth (@cyb3rops) June 28, 2024
TeamViewer assures that its corporate IT environment is entirely separate from the product environment and that there is no evidence that any customer data has been compromised as a result of the event.
The specific nature of the exploitation is unknown; it could involve exploiting TeamViewer vulnerabilities, deploying the program using bad security techniques, or targeting TeamViewer's systems.
APT29, also known as Midnight Blizzard, has a history of high-profile data thefts, including recent attacks on Microsoft and HP Enterprise.
Microsoft said that APT29 gained access to some user email inboxes during a breach that occurred earlier this year and that impacted customers are still receiving alerts.
? TeamViewer's corporate network breached by APT hacking group. Internal IT affected, product & customer data safe. APT29 (Cozy Bear) suspected. Stay vigilant! #CyberSecurity #TeamViewer #APT #Breach pic.twitter.com/riyLLB6vjF
— 3C N-SOC (@3cSoc) June 28, 2024
As the breach occurred, the company confirmed and released a statement at an instant in which they said:
“On Wednesday, 26 June 2024, our security team detected an irregularity in TeamViewer’s internal corporate IT environment.”
“We immediately activated our response team and procedures, started investigations together with a team of globally renowned cybersecurity experts, and implemented necessary remediation measures.”
They further made it clear that:
“Security is of utmost importance for us, it is deeply rooted in our DNA. Therefore, we value transparent communication and will continuously update the status of our investigations as new information becomes available.”
TeamViewer was hacked, however, no client information was disclosed. This event emphasizes the need to separate corporate and consumer networks and implement strong security procedures to protect sensitive data.
You can use PurePrivacy to keep your data secure and boost privacy so that you can take maximum advantage of online services without any fear.