The recent AnyDesk breach provides a timely reminder to ensure organizations are following best practices regarding remote access software and services — both third-party tools and the features or services embedded in operating systems, browsers and more.
The maker of AnyDesk forced a password reset for all users after it found 18,000 user credentials for sale on the dark web for $15,000. The breach potentially exposed AnyDesk customers’ license keys, a number of active connections, duration of sessions, customer IDs and contact information, email associated with the account, and the total number of hosts that have remote access management software activated.