"client" computer hacked
I run teamviewer to be able to remotely access my computers at home when I'm at work. But, I also have a friend who I have as a "client" for whenever he needs help with his computer. He's not very computer literate and I can expect him to text/call me at least once a week with a computer question.
Earlier today, he texted me to say someone by a different username than mine had just connected to his computer. I immediately told him to disconnect from the internet until further notice.
How can this happen? I have his computer set to allow auto connection so I don't need to type in a client password/ID or anything like that. Should I remove that? I wonder if that is how this happened, and maybe he could have a virus/trojan on his computer. Like I said, he's not very literate (basically only does email, youtube and word processing) so maybe he opened an email he shouldn't have and got something.
This is the first that has happened to any of my computer, and I never recall this happening on any of my personal computers. So I just need tips from you guys in case this has happened to any of you in similar situations.