[BreachExchange] Hackers undetected in Citrix systems for five months

Destry Winant destry at riskbasedsecurity.com
Thu Feb 20 10:09:26 EST 2020


https://www.itproportal.com/news/hackers-undetected-in-citrix-systems-for-five-months/

Citrix has confirmed hackers snooped around its network over the
course of five months between 2018 and 2019, gathering data on its
employees, contractors, third-parties and other individuals working
with the company over

According to a recent announcement from the networking software giant,
hackers moved through the company network on multiple occasions,
downloading information such as social security numbers and other tax
identification numbers. Driver’s license numbers, passport numbers,
financial account numbers and payment card numbers were also accessed.

It was also said hackers may have taken “limited health claims
information”, which could include health insurance participant
identification numbers or claims information.

It's not known just how many people were affected, but it's clear
hackers entered the network via different accounts, testing a high
volume of email addresses with popular weak passwords.

Cybersecurity firm Resecurity claims the Iranians are behind the
attack and have gathered terabytes of data.

Clearsky, another cybersecurity firm, claims Iranian state-sponsored
attackers are known for striking at VPN providers such as Citrix
because they offer a gateway to other, larger organisations.


More information about the BreachExchange mailing list