Skip to main content

Hackers steal terabytes of data from Citrix database

(Image credit: Shutterstock)

Hackers have stolen between six and 10 terabytes of data from a Citrix facility, researchers have claimed. 

Speaking to NBC News (opens in new tab), security researchers at Resecurity claimed Citrix was oblivious to the theft but the FBI reacted, as this appears to be a state-sponsored attack.

The culprits, suspected of being hackers from the Iridium group, which has been linked to the Iranian government, stole data in two separate incidents, the team says, one taking place in December last year, and another one in March this year. 

The data stolen was related to the aerospace industry, the FBI, NASA and Saudi Arabia's state-owned oil company. Allegedly, the hackers first breached Citrix ten years ago, and have been lurking around ever since.  

They broke in using the 'password spraying' technique, in which they managed to guess a weak password to log into the network. Resecurity allegedly warned Citrix about the intrusion in December, but we don't know if the company reacted to it, and in what way.

However, we do know that it did react once the FBI got involved on March 6. Citrix said it launched a 'forensic investigation' with a security firm, and 'took actions' to lock its network down.

“At this time, there is no indication that the security of any Citrix product or service was compromised,” the company said in a statement.

Image Credit: Brian Klug / Flickr

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.