Citrix has confirmed hackers snooped around its network over the course of five months between 2018 and 2019, gathering data on its employees, contractors, third-parties and other individuals working with the company over
According to a recent announcement from the networking software giant, hackers moved through the company network on multiple occasions, downloading information such as social security numbers and other tax identification numbers. Driver’s license numbers, passport numbers, financial account numbers and payment card numbers were also accessed.
It was also said hackers may have taken “limited health claims information”, which could include health insurance participant identification numbers or claims information.
It's not known just how many people were affected, but it's clear hackers entered the network via different accounts, testing a high volume of email addresses with popular weak passwords.
Cybersecurity firm Resecurity claims the Iranians are behind the attack and have gathered terabytes of data.
Clearsky, another cybersecurity firm, claims Iranian state-sponsored attackers are known for striking at VPN providers such as Citrix because they offer a gateway to other, larger organisations.