Acting on a tip from the FBI, Citrix has investigated and confirmed that its network has been penetrated and data had been exfiltrated by an outside force.
Neither the extent of nor the specifics of what has been removed has been determined, but in a statement Citrix said business documents have been accessed and downloaded by malicious actors. The FBI contacted Citrix on March 6 advising the company that the agency had reason to believe the company had been attacked. Citrix said it immediately hired an outside security firm to conduct an investigation which found the FBI was correct.
“The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised,” the company said.
The company has not released what kind of data was removed during the data breach.
The FBI told the company the attacker may have used a brute force attack to discover and exploit any weak passwords in Citrix’s systems. Once inside the attackers moved laterally through the network finding and removing files.
Citrix makes and touts the security of enterprise class Workspace as a Service software. In its About Us section the company states, “At Citrix, our mission is to power a world where people, organizations, and things are securely connected and accessible. A place where all business is digital business. A world where our customers are empowered to make the extraordinary possible. We will accomplish this by building the world’s best integrated technology services for secure delivery of apps and data ⎯ anytime, anywhere.”