Multinational software company Citrix Systems has confirmed that hacker had access to its internal networks for six months before the breach was first discovered, according to a TechCrunch report.
In a letter to California’s attorney general election, the virtualisation and security software vendor said that hackers had “intermittent access” to its systems between October 13th, 2018 and March 8th, 2019, two days after the FBI informed the company about the breach.
Citrix revealed that the hackers “removed files from our systems, which may have included files containing information about our current and former employees and, in limited cases, information about beneficiaries and/or dependents.”
At first, Citrix said hackers managed to obtain internal business documents. However, now it’s saying the stolen data may have included names, Social Security numbers, and financial information.
Citrix later revealed in another update on the company’s website that the attack was the result of “password spraying”, a technique that hackers frequently use to breach accounts through a list of commonly used passwords that aren’t with two-factor authentication.
TechCrunch asked how many staff were sent-data breach notification letter, but a spokesperson did not immediately comment.
Under state law in California, the authorities must be notified of a breach if more than 500 state residents were involved.