Hackers Went Undetected in Citrix's Internal Network for Six Months:
Hackers gained access to technology giant Citrix's networks six months before they were discovered, the company has confirmed.
In a letter to California's attorney general, the virtualization and security software maker said the hackers had "intermittent access" to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted the company to the breach.
Citrix said the hackers "removed files from our systems, which may have included files containing information about our current and former employees and, in limited cases, information about beneficiaries and/or dependents."
Initially the company said hackers stole business documents. Now it's saying the stolen information may have included names, Social Security numbers and financial information.
Citrix is big in digital workspaces, networking, and analytics. I imagine this breach caused many VeryNotGood days for a large number of company people.
Were you affected?
(Score: 4, Insightful) by RS3 on Friday May 03 2019, @02:28PM (3 children)
> Were you affected?
THAT is the million-dollar question. Citrix is so huge in so many companies, if they themselves have been hacked into, how many companies that have our personal information stored, managed, and "guarded" by Citrix software, have been hacked into the same way?
And since most "privacy" agreements say they will share our data with "our trusted partners", how much farther has this gone?
(Score: 3, Informative) by EvilSS on Friday May 03 2019, @06:27PM (2 children)
(Score: 2) by RS3 on Friday May 03 2019, @08:06PM (1 child)
Thank you, very valid. As others have commented, it calls into question the quality and ability of their intrusion detection and monitoring systems, but that might be more managerial / financial than technical. More details needed of course...
(Score: 2) by EvilSS on Saturday May 04 2019, @06:30PM