Stories
Slash Boxes
Comments

SoylentNews is people

Hackers Were Inside Citrix for Five Months

posted by Fnord666 on Friday February 21 2020, @06:01PM   Printer-friendly
from the turning-Citrix-inside-out dept.

"SoyCow4275" writes in with this story via IRC:

Hackers Were Inside Citrix for Five Months:

Citrix provides software used by hundreds of thousands of clients worldwide, including most of the Fortune 100 companies. It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection.

In March 2019, the Federal Bureau of Investigation (FBI) alerted Citrix they had reason to believe cybercriminals had gained access to the company's internal network. The FBI told Citrix the hackers likely got in using a technique called "password spraying," a relatively crude but remarkably effective attack that attempts to access a large number of employee accounts (usernames/email addresses) using just a handful of common passwords.

In a statement released at the time, Citrix said it appeared hackers "may have accessed and downloaded business documents," and that it was still working to identify what precisely was accessed or stolen.

But in a letter sent to affected individuals dated Feb. 10, 2020, Citrix disclosed additional details about the incident. According to the letter, the attackers "had intermittent access" to Citrix's internal network between Oct. 13, 2018 and Mar. 8, 2019, and that there was no evidence that the cybercrooks still remain in the company's systems.

Citrix said the information taken by the intruders may have included Social Security Numbers or other tax identification numbers, driver's license numbers, passport numbers, financial account numbers, payment card numbers, and/or limited health claims information, such as health insurance participant identification number and/or claims information relating to date of service and provider name.

It is unclear how many people received this letter, but the communication suggests Citrix is contacting a broad range of individuals who work or worked for the company at some point, as well as those who applied for jobs or internships there and people who may have received health or other benefits from the company by virtue of having a family member employed by the company.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Hackers Were Inside Citrix for Five Months | Log In/Create an Account | Top | 11 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1, Informative) by Anonymous Coward on Friday February 21 2020, @08:16PM (2 children)

    by Anonymous Coward on Friday February 21 2020, @08:16PM (#960816)
    but if you steal the credentials for lots of people with admin access to the network you can snoop through it and find all the valuable or compromising stuff.

    This is a major breach with national security implications.

    Starting Score:    0  points
    Moderation   +1  
       Informative=1, Total=1
    Extra 'Informative' Modifier   0  
    Total Score:   1  

  • (Score: 2) by ikanreed on Friday February 21 2020, @08:20PM (1 child)

    by ikanreed (3164) Subscriber Badge on Friday February 21 2020, @08:20PM (#960820) Journal

    I'm gonna level with you, I may have not been entirely serious in that assessment.

    But I was very serious in participating in the fourth steering committee meeting for defining pilot models of policy compliant data that adhere to best practices! We used big red cartoon Xes for examples of non policy compliant data that is to be avoided!

    • (Score: 1) by fustakrakich on Saturday February 22 2020, @12:48AM

      by fustakrakich (6150) on Saturday February 22 2020, @12:48AM (#960886) Journal

      We used big red cartoon Xes

      Ah, ok, that explains the 6 gigabytes...

      --
      La politica e i criminali sono la stessa cosa..