Citrix Data Breach May Have Impacted Fortune 500 Companies
Over the weekend, Citrix reported a potential data breach into their internal network. Citrix provides virtual private networks (VPNs) for over 400,000 companies, so the reach of the breach could be widespread.
Currently, there are no official details as to how large the impact was or what type of information was taken in the process. Citrix is cooperating with the FBI, and so far, they believe the hackers may have “accessed and downloaded business documents.” For reference, Citrix’s software and technology services are used by 98% of Fortune 500 companies.
Virtual private networks are used to secure internet access. They encrypt data transfers, mask locations and change/hide IP addresses. With a VPN, a company can transfer protected information in a protected environment. If the VPN is breached though, the information it safeguards could be compromised.
The incident is linked to the hacker group IRIDIUM, which has attacked over 200 government agencies, technology companies, and oil and gas firms. The security firm Resecurity says the hackers accessed “at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.”
The FBI believes the system was hacked through a process called “password spraying.” This targets weak passwords and allows hackers to get through the first layer of security in a network. From there, they can use their limited access to tap into additional security layers.
The company says, “Citrix deeply regrets the impact this incident may have on affected customers. Citrix is committed to updating customers with more information as the investigation proceeds.”