July 1, 2024 at 05:03AM
TeamViewer confirmed a hack by the APT29 Russian cyberespionage group targeting their corporate IT environment. The attackers gained access through an employee account and stole directory data and encrypted employee passwords. The company, in collaboration with Microsoft, mitigated the risk associated with the passwords. TeamViewer attributes the attack to APT29.
Based on the meeting notes, the key takeaways are:
1. TeamViewer experienced a recent cyber attack targeting the corporate IT environment, with APT29 (also known as Cozy Bear and Midnight Blizzard) being confirmed as the attacker.
2. The breach did not affect the TeamViewer connectivity platform or any customer data, as the company has strong segregation of its Corporate IT, production environment, and TeamViewer connectivity platform.
3. A standard employee account was compromised by the attackers, leading to the theft of employee directory data and encrypted employee passwords for the internal corporate environment.
4. TeamViewer collaborated with Microsoft to mitigate the risk associated with the stolen encrypted passwords and has confirmed APT29’s attribution to the attack.
5. Microsoft has been alerting more customers about the group’s activity, including the theft of emails.
This information highlights the significance of cybersecurity measures and collaboration with industry experts to address and mitigate cyber threats.