July 12, 2016
FrogAlert: All Clear To Reinstall And Resume Use Of TeamViewer
As you may recal, TeamViewer, a remote login service was compromised by hackers in early June. Now we are giving our clients the all clear to reinstall and resume use of TeamViewer.
However, we’d like to offer one morsel of advice.
TeamViewer users reported their accounts were hacked and the criminals were able to access and drain their PayPal and bank accounts.
TeamViewer believes that the account takeovers are the result of password reuse and passwords exposed in breaches external to TeamViewer. They also point to people using passwords that are too weak, i.e. name of a spouse, kid or pet.
Leapfrog recommends these six steps:
- Use strong, complex passwords (try strongpasswordgenerator, random.org and lastpass) and don’t reuse them — strong, unique passwords only need to be changed once a year (otherwise do it monthly)
- Use a password manager such as Lastpass or Dashlane that does the work for you (you only have to remember one password)
- Set up two-factor authentication on your accounts even though it’s an extra step … the extra five seconds can save you five weeks of work trying to reclaim your identity
- Lie when you answer the security questions on websites
- Get ahead of hackers. Educate yourself on some easy security steps you can take and implement an IT security plan
If anyone on your team has any questions or concerns, please contact the Leapfrog Support Center online or at 404-870-2124 or 866-870-2124.
June 3, 2016
FrogAlert: TeamViewer May Have Been Hacked — Recommend Uninstall
TeamViewer, remote access software used for remote control and support, may have been hacked to gain access to computers, data and networks and to install malware.
TeamViewer says its service was down on June 1 because of a DDoS (Distributed Denial of Service) attack. However, there are enough complaints about unauthorized access to accounts, including those that use two-factor authentication, to warrant action on your part even though TeamViewer is not Leapfrog’s primary remote support application and there is little risk to managed Leapfrog clients.
Leapfrog recommends all employees uninstall TeamViewer for now.
We will contact you again about how to proceed once we’re sure of the extent of the security problem, if there is one. In the meantime, employees who had TeamViewer installed should be extra vigilant about checking their financial accounts (PayPal, bank accounts, credit card accounts and shopping sites like Amazon and eBay) for strange transactions. Also be on the lookout for other possible malware activities.
If someone on your team suspects a problem, please contact the Leapfrog Support Center online or at 404-870-2124 or 866-870-2124.
Thank you for your attention. And hop safe out there!