Major Remote Desktop Provider AnyDesk Discloses Security Breach: Resets All Passwords

AnyDesk, a major remote desktop provider, has recently disclosed a security breach which required a full reset of its users’ passwords. The breach was discovered during a routine security audit and was promptly reported to relevant authorities. The company assured that this incident was not due to a ransomware attack and no evidence of end-user system compromise has been found so far. In response, AnyDesk reset all passwords related to its web portal, and users have been urged to upgrade their software to the latest version. The company also plans to replace its code signing certificate soon. The breach timeline and details remain undisclosed, and a potential data compromise remains uncertain. This incident follows a similar breach at Cloudflare earlier.

Popular remote desktop solution provider, AnyDesk, recently reported a security breach which necessitated a system-wide reset of its users’ passwords. This revelation, which came to light on Friday, was the result of a cybersecurity incident impacting its production systems.

The Germany-based tech company clarified that this breach wasn’t a consequence of a ransomware attack. The incident came under scrutiny during a regular security audit, and promptly, relevant authorities were informed.

In a public statement, AnyDesk stated, “All potentially compromised security validations have been invalidated and any affected systems have undergone necessary resolutions or replacements.” The company outlined its plans to retract the previous code signing certificate for its software shortly, quickly replacing it for heightened security.

In a broad-spectrum attempt to secure user data, AnyDesk has reset all passwords related to its web portal, my.anydesk.com, and users are urged to update their passwords across other platforms if the same ones have been used.

Further, the company advised users to upgrade their remote desktop software to the latest version, equipped with a new and more secure code signing certificate.

Details of when and how exactly its production systems were infiltrated remain undisclosed by AnyDesk. Currently, it is undetermined if any data was compromised during this security incident. Nonetheless, the company reassures that no evidence suggests any end-user systems were compromised.

Earlier, this week, cybersecurity analyst Günter Born from BornCity revealed that AnyDesk had been undergoing maintenance since January 29, with issues being resolved by February 1. Additionally, on January 24, the company warned its users about possible “service degradation” and “intermittent timeouts” with its Customer Portal.

Servicing more than 170,000 clients globally, including technological giants such as Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales, the recent data breach at AnyDesk comes into light.

This disclosure follows a similar incident at Cloudflare where stolen credentials were used by suspected nation-state threat actors to gain unauthorized access to its Atlassian server along with a limited amount of source code and specific documentation.

Table of Contents

Recent Posts

Weekly Tutorial

Sign up for our Newsletter

Get all latest news, exclusive deals and updates + free 30 day XEOX trial.

BLACK WEEK Special at XEOX!

This is your chance to make the most of our special deal and transform your experience with our services. 

Our Black Week Special at XEOX kicks off today!

20% Discount

 on your First Year Subscription!

From November 20th to November 27th, we are offering an incredible 20% off on all new subscriptions for the first year.

Whether you’ve been considering joining the XEOX family or looking for an opportunity to save, now is the perfect time.

Subscribe to our newsletter!

Get all latest news, exclusive deals and updates + free 30 day XEOX trial.