Citrix which provides services to the U.S. military, the FBI, many U.S. corporations, and various U.S. government agencies disclosed last weekend a massive data breach of its internal network by “international cyber criminals.”
Citrix said it was warned by the FBI on Wednesday of foreign hackers compromising its IT systems and stealing “business documents,” adding that the company does not know precisely which documents the hackers obtained nor how they got in.
Although Citrix did not disclose many details about the breach, researchers at infosec firm Resecurity shed more light on the incident, claiming it had earlier alerted the Feds and Citrix about the “targeted attack and data breach.”
Resecurity said the Iranian-backed IRIDIUM hacker group hit Citrix in December last year and again on Monday (March 4th) and stole at least 6 terabytes of sensitive internal files, including emails, blueprints, and other documents.
IRIDIUM is an Iranian-linked hacking group that was also behind recent cyber attacks against more than 200 government agencies worldwide, oil and gas companies, technology companies and other targets.
Source: The Hacker News