Citrix recently acknowledged that the company has become a new victim of data breaches, causing international hackers to steal large amounts of data. The company said that the US Federal Bureau of Investigation (FBI) has contacted the company on this matter and warned that the cyber attack was most likely caused by Iranian hacking organizations, stealing a lot of business documents.
For this security incident, Citrix has taken active steps. The company said: “Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cybersecurity firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI.
Citrix is moving as quickly as possible, with the understanding that these investigations are complex, dynamic and require time to conduct properly. In investigations of cyber incidents, the details matter, and we are committed to communicating appropriately when we have what we believe is credible and actionable information.”
The company added that Citrix’s products or services have no indication that their safety is affected. The damage, but admitted that it is not clear how many or which documents have been visited.
According to the details of the disclosure, hackers used a strategy called “password spraying”, which used weak passwords to gain limited access and then tried to bypass other security systems.
While Citrix says it is trying to control the incident and keep its products and services safe, the real problem is that as a government contractor, the company has a lot of sensitive data and is now afraid that it will be accessed by hackers.