Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday February 21 2020, @06:01PM   Printer-friendly
from the turning-Citrix-inside-out dept.

"SoyCow4275" writes in with this story via IRC:

Hackers Were Inside Citrix for Five Months:

Citrix provides software used by hundreds of thousands of clients worldwide, including most of the Fortune 100 companies. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection.

In March 2019, the Federal Bureau of Investigation (FBI) alerted Citrix they had reason to believe cybercriminals had gained access to the company's internal network. The FBI told Citrix the hackers likely got in using a technique called "password spraying," a relatively crude but remarkably effective attack that attempts to access a large number of employee accounts (usernames/email addresses) using just a handful of common passwords.

In a statement released at the time, Citrix said it appeared hackers "may have accessed and downloaded business documents," and that it was still working to identify what precisely was accessed or stolen.

But in a letter sent to affected individuals dated Feb. 10, 2020, Citrix disclosed additional details about the incident. According to the letter, the attackers "had intermittent access" to Citrix's internal network between Oct. 13, 2018 and Mar. 8, 2019, and that there was no evidence that the cybercrooks still remain in the company's systems.

Citrix said the information taken by the intruders may have included Social Security Numbers or other tax identification numbers, driver's license numbers, passport numbers, financial account numbers, payment card numbers, and/or limited health claims information, such as health insurance participant identification number and/or claims information relating to date of service and provider name.

It is unclear how many people received this letter, but the communication suggests Citrix is contacting a broad range of individuals who work or worked for the company at some point, as well as those who applied for jobs or internships there and people who may have received health or other benefits from the company by virtue of having a family member employed by the company.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Friday February 21 2020, @07:46PM (1 child)

    by Anonymous Coward on Friday February 21 2020, @07:46PM (#960810)

    First time I heard the word, "Citrix", I thought it might be some kind of a big bug... (insect, possibly from "cicada"?)

  • (Score: 0) by Anonymous Coward on Friday February 21 2020, @08:37PM

    by Anonymous Coward on Friday February 21 2020, @08:37PM (#960826)

    Citadel or Ricks?