![](https://static.wixstatic.com/media/34c96e_e6030345080c46c49187a119a3d470f7~mv2.jpg/v1/fill/w_147,h_147,al_c,q_80,usm_0.66_1.00_0.01,blur_2,enc_auto/34c96e_e6030345080c46c49187a119a3d470f7~mv2.jpg)
In the night of February 2, 2024, AnyDesk released an advisory confirming a compromise of the company's "production systems" without further specification other than indicating the event is not ransomware-related.
As the advisory mandates customers to reset their web application portal passwords, there is a potential that the event impacted credentials of my[.]anydesk[.]com web application users. However, there is reportedly no evidence of a compromise of end-user devices.
The event appears to have been discovered on January 29, when AnyDesk logged a change to their code signing certificates.
AnyDesk users may want to consider the following actions:
Reset the client portal password;
If the potentially compromised password was used across other platforms, reset those credentials as well;
Make sure to enable multi-factor authentication across accounts where the password was reused;
As a precautionary measure, revoke the AnyDesk session tokens.
AnyDesk's investigation is still ongoing. There may be developments during the next days or weeks.