Skip to main content

Hackers steal terabytes of data from Citrix database

(Image credit: Shutterstock)

Hackers have stolen between six and 10 terabytes of data from a Citrix facility, researchers have claimed. 

Speaking to NBC News, security researchers at Resecurity claimed Citrix was oblivious to the theft but the FBI reacted, as this appears to be a state-sponsored attack.

The culprits, suspected of being hackers from the Iridium group, which has been linked to the Iranian government, stole data in two separate incidents, the team says, one taking place in December last year, and another one in March this year. 

The data stolen was related to the aerospace industry, the FBI, NASA and Saudi Arabia's state-owned oil company. Allegedly, the hackers first breached Citrix ten years ago, and have been lurking around ever since.  

They broke in using the 'password spraying' technique, in which they managed to guess a weak password to log into the network. Resecurity allegedly warned Citrix about the intrusion in December, but we don't know if the company reacted to it, and in what way.

However, we do know that it did react once the FBI got involved on March 6. Citrix said it launched a 'forensic investigation' with a security firm, and 'took actions' to lock its network down.

“At this time, there is no indication that the security of any Citrix product or service was compromised,” the company said in a statement.

Image Credit: Brian Klug / Flickr