Last updated on April 12, 2019
Last Friday (3/8/19), Citrix issued a statement admitting that hackers gained entry into their network.
According to Stan Black, Chief Security Information Officer for Citrix, the FBI informed Citrix of the breach on March 6th. Hackers accessed “business documents” but not much else is currently known and the specific documents exposed have yet to be identified.
As far as Citrix knows, the products and services they offer were not compromised. Per the FBI, hackers likely gained access through a method called “password spraying” which exploits weak passwords.
Citrix manages VPN accesses for over 400,000 organizations yet has taken no action to contain this incident. The CSIO, Stan Black, publicly announced the event on March 6th. Let us hope the damage was minimal as Citrix is a widely used product and service.
Information security for organizations and end users alike continues to be a critical issue. I can’t stress enough how important it is to follow best security practices:
At the end of the day, end users are the biggest vulnerability. Intentions aside, humans are fallible and must be vigilant protecting sensitive data from malicious attacks and breaches. By following the practices listed above, you will be one step closer to securing your data.
“Privacy is not something that
I’m merely entitled to, it’s an absolute prerequisite.”
― Marlon Brando