It's not the accounts that got hacked, it's the client
The TeamViewer service accounts seem to be OK: 2FA, no evidence of a hack anywhere.
What seems to be happening is that miscreants have found a way to connect to TeamViewer clients, somehow bypassing the authentication. This has happened to a guy at work last week: TeamViewer account fully secure, unique password, 2FA, etc. While using his laptop, someone connected via TeamViewer and started clicking around. Fortunately, it wasn't a serious hack attempt, seemed more like a skiddie.
TeamViewer now uninstalled everywhere here until we find out more. The software client is broken somehow.
Pure speculation on my part, but that's my take on it.
Biting the hand that feeds IT
