Beleaguered remote support tool maker TeamViewer has apologized for blaming its customers for the recent spree of PC and Mac hijackings.
While TeamViewer maintains there was "no hack" on its end, public relations head Axel Schmidt told El Reg that the software house was sorry it used the term "careless" to describe folks who reused their TeamViewer passwords on other websites that had account logins stolen, such as LinkedIn and MySpace.
"What we intended to make clear is when you use a tool like TeamViewer you need to take extra care," Schmidt added.
(Reg translation: Sorry we called you careless when you didn't take care.)
Schmidt said a "significant" number of customers claimed they were compromised, judging by the number of support tickets filed. However, the affected users are an "incredibly small" portion of total customers, we're told. He wouldn't give an estimate on the total number of cases.
Late last week, TeamViewer pushed out new security protections designed to help stem a tide of attacks in which PCs were remotely hijacked and used to make fraudulent money transfers and purchases using their locally stored account credentials.
Schmidt said that development on the tools began weeks ago when the first reports of account thefts emerged, but the features did not make it in time to catch last week's deluge of takeovers.
"I wish we would have released those features earlier," the PR boss admitted, in what is possibly the understatement of the year.
Finally, TeamViewer wants customers who were breached to get in touch with it and upload their log files. In particular, the company wants to hear from any customers who believe their accounts were breached despite having two-factor authentication enabled.
Users are also being directed to contact local police to report the incidents, in part because German data laws restrict how much customer information TeamViewer can share outside of official channels. ®