Stories
Slash Boxes
Comments

SoylentNews is people

Hackers Went Undetected in Citrix's Internal Network for Six Months

posted by Fnord666 on Friday May 03 2019, @02:16PM   Printer-friendly
from the where's-waldo dept.

martyb writes:

Hackers Went Undetected in Citrix's Internal Network for Six Months:

Hackers gained access to technology giant Citrix's networks six months before they were discovered, the company has confirmed.

In a letter to California's attorney general, the virtualization and security software maker said the hackers had "intermittent access" to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted the company to the breach.

Citrix said the hackers "removed files from our systems, which may have included files containing information about our current and former employees and, in limited cases, information about beneficiaries and/or dependents."

Initially the company said hackers stole business documents. Now it's saying the stolen information may have included names, Social Security numbers and financial information.

Citrix is big in digital workspaces, networking, and analytics. I imagine this breach caused many VeryNotGood days for a large number of company people.

Were you affected?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hackers Went Undetected in Citrix's Internal Network for Six Months | Log In/Create an Account | Top | 14 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by RS3 on Friday May 03 2019, @02:28PM (3 children)

    by RS3 (6367) on Friday May 03 2019, @02:28PM (#838411)

    > Were you affected?

    THAT is the million-dollar question. Citrix is so huge in so many companies, if they themselves have been hacked into, how many companies that have our personal information stored, managed, and "guarded" by Citrix software, have been hacked into the same way?

    And since most "privacy" agreements say they will share our data with "our trusted partners", how much farther has this gone?

    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 3, Informative) by EvilSS on Friday May 03 2019, @06:27PM (2 children)

    by EvilSS (1456) Subscriber Badge on Friday May 03 2019, @06:27PM (#838506)
    From what has been disclosed, the hack was the result of compromised credentials discovered through credential spraying, not any specific vulnerability in Citrix software or hardware.

    • (Score: 2) by RS3 on Friday May 03 2019, @08:06PM (1 child)

      by RS3 (6367) on Friday May 03 2019, @08:06PM (#838540)

      Thank you, very valid. As others have commented, it calls into question the quality and ability of their intrusion detection and monitoring systems, but that might be more managerial / financial than technical. More details needed of course...

      • (Score: 2) by EvilSS on Saturday May 04 2019, @06:30PM

        by EvilSS (1456) Subscriber Badge on Saturday May 04 2019, @06:30PM (#838919)
        Yea, well, that I will give you. However that IDS system is pretty new and it does have some limitations compared to a "real" on-prem IDS. I'm not a fan of the product and it's sure awkward talking to them about it right now.