TeamViewer has disclosed an ongoing probe into a potential internal corporate IT environment breach after the emergence of system irregularities, reports The Record, a news site by cybersecurity firm Recorded Future.
Additional details were lacking but the remote access and remote control software provider revealed that there has been no indication of any product environment or customer data compromise. TeamViewer's statement comes after the company was noted by the NCC Group to have been targeted by an advanced persistent threat group, with Health-ISAC further attributing the attack to Russian state-sponsored threat operation APT29. In a message reportedly sent to its members, Health-ISAC urged an immediate review of atypical remote desktop traffic in organizations' logs, as well as the implementation of two-factor authentication and device access control measures. Health-ISAC has not yet commented on the said notification to its members, but the American Hospital Association confirmed the message to be legitimate.
