On 3-6-2019, the FBI contacted Citrix to let them know that they believe that cyber criminals have gained unauthorized access to Citrix’s internal network. After this notification, Citrix made a statement saying that the company has started an internal investigation and found that the attackers may have accessed and downloaded business documents. The exact details are still unknown but the investigation is currently ongoing.
For those unaware, Citrix is an American company that provides technology services including cloud computing and virtualization to companies and organizations around the world. It currently delivers services to 400,000 organizations that includes 99% of Fortune 100 and 98% of Fortune 500 companies according to company website.
In a statement made by the cyber security firm Resecurity, Citrix was attacked by an Iranian-linked hacking group that goes by the name Iridium. The firm also reports that the group bypassed 2FA measures and gained access to at least 6TB worth of data. This group has been behind the attacks on more than 200 government agencies, oil and gas companies, along with technology companies.
The firm has claimed that it reached out to Citrix on Friday, December 28th 2018 with an early warning notification of a targeted attack and data beach being planned specifically during the Christmas season.