Hackers undetected in Citrix systems for five months

[Destry Winant <destry () riskbasedsecurity com>]

https://www.itproportal.com/news/hackers-undetected-in-citrix-systems-for-five-months/

Citrix has confirmed hackers snooped around its network over the
course of five months between 2018 and 2019, gathering data on its
employees, contractors, third-parties and other individuals working
with the company over

According to a recent announcement from the networking software giant,
hackers moved through the company network on multiple occasions,
downloading information such as social security numbers and other tax
identification numbers. Driver’s license numbers, passport numbers,
financial account numbers and payment card numbers were also accessed.

It was also said hackers may have taken “limited health claims
information”, which could include health insurance participant
identification numbers or claims information.

It's not known just how many people were affected, but it's clear
hackers entered the network via different accounts, testing a high
volume of email addresses with popular weak passwords.

Cybersecurity firm Resecurity claims the Iranians are behind the
attack and have gathered terabytes of data.

Clearsky, another cybersecurity firm, claims Iranian state-sponsored
attackers are known for striking at VPN providers such as Citrix
because they offer a gateway to other, larger organisations.
_______________________________________________
BreachExchange mailing list sponsored by Risk Based Security
BreachExchange () lists riskbasedsecurity com

If you wish to Edit your membership or Unsubscribe you can do so at the following link:
https://lists.riskbasedsecurity.com/listinfo/breachexchange