A number of TeamViewer’s more than 200 million global users are reporting that their accounts have been hacked, with some reporting thefts from PayPal and bank accounts.

TeamViewer is a provider of remote control and online meeting software, and is available in more than 30 languages. Axel Schmidt, TeamViewer spokesman, tells Channel Partners that there still is no evidence that TeamViewer has had a security breach.

“We did see a number of cases in which TeamViewer accounts were abused; most likely these cases are due to password reuse,” he said. “With our new security features, we believe we have effective measures in place to help prevent account abuse. At this point we would rather not participate in any speculation about the number of cases. Every case of abuse is significant to us, and one is one too many.”

In a letter to TeamViewer users, CEO Andreas König said there have been “unprecedented” large-scale data thefts on popular social-media platforms and other web service providers. Many TeamViewer users have taken to Twitter and other social-media sites to complain about the attacks.{ad}

“Unfortunately, the information stolen in these external breaches has been used to access TeamViewer accounts, as well as other services,” he said. “They have taken advantage of the common use of the same account information across multiple services to cause damage, meaning TeamViewer user accounts have been hijacked by cybercriminals.”

Evidence supplied by affected users suggests that malicious hackers have stolen money from them in various ways, König said.

“All the evidence from these cases suggests that there is no link between cases of cyber-burglary and a TeamViewer vulnerability,” he said. “It is very likely that cybercriminals use account credentials stolen from data breaches elsewhere or via malware installed on victims’ devices, among other such tactics. We always recommend that, if you suspect that you have been the victim of criminal activities, you should get in touch with your local police department in order to report your case.”

In the meantime, TeamViewer has added two new security features in response to the attacks. One tightens controls on new devices accessing the service, while another forces a password reset if a user exhibits unusual behavior.

Schmidt said TeamViewer users can help prevent their accounts from being hacked. The company is continuing to analyze the situation, and “we certainly look into each incoming ticket individually,” he said.

“Do not reuse password, use two-factor authentication, set up whitelists on your machines, use strong passwords, use password managers, change your passwords regularly (and) have proper anti-malware solutions in place,” he said. “Keep your software updated all the time.”

TeamViewer last week appointed former NetApp executive Konstantin Ebert as its director of global channels.