INSUBCONTINENT EXCLUSIVE:
Hackers gained access to technology giant Citrix networks six months before they were discovered, the company has confirmed.
In a letter to
California attorney general, the virtualization and security software maker said the hackers had &intermittent access& to its internal
network from October 13, 2018 until March 8, 2019, two days after the FBI alerted the company to the breach.
Citrix said the hackers
&removed files from our systems, which may have included files containing information about our current and former employees and, in limited
cases, information about beneficiaries and/or dependents.&
Initially the company said hackers stole business documents
Now it saying the stolen information may have included names, Social Security numbers and financial information.
Citrix said in a later
update on April 4 that the attack was likely a result of password spraying, which attackers use to breach accounts by brute-forcing from a
list of commonly used passwords that aren&t protected with two-factor authentication.
We asked Citrix how many staff were sent data-breach
notification letters, but a spokesperson did not immediately comment.
Under California law, the authorities must be informed of a breach if
more than 500 state residents are involved.
Read more:
A leaky database of SMS text messages exposed password resets and two-factor
codes
Chipotle customers are saying their accounts have been hacked
We found a massive spam operation — and sunk its server
Dow Jones&
watchlist of 2.4 million high-risk individuals has leaked
Stop saying, ‘We take your privacy and security seriously&
Robocaller firm
Stratics Networks exposed millions of call recordings
Massive mortgage and loan data leak gets worse as original documents also exposed
