In March 2019, about 6 TB of data from Citrix was hacked by an Iranian group.
We come across data breaches every day due to lax security measures. Just an hour ago, Hackread.com reported that a hacker has been selling the data of 142 million MGM customers, and now an attacker is claiming to have hacked Citrix Systems.
Citrix Systems, Inc. is an American software company with operations in multiple countries and customers that include the military, government and businesses. The listing initially surfaced on Twitter; the hacker is selling the database exposed in the process, with 2,000,000 users, for $20,000.
The database includes but is not limited to the following data categories:
- Full names
- Phone numbers
- Email addresses
- Company name
- Physical address details
The following screenshots of the listing of Citrix Systems were shared by UnderTheBreach on Twitter:
Even though it does not include passwords, the other data is still very relevant, as the purchaser can use it to perform a wide array of malicious tasks such as phishing campaigns and social engineering attacks.
The image above shows a snippet from the database, which is hosted on phpMyAdmin, with a list of the records available.
Although it could not be verified at the moment whether it is definitely Citrix that has been hacked or some other third party, one of the images released by UnderTheBreach shows someone conversing with the hacker on this particular issue:
Within it, we can see at the very end that a user asked the attacker for proof, in response to which the latter sent 2 photos.
For the time being though, it hasn’t been independently verified by the researcher. We do have clues nonetheless. In March 2019, about 6 TB of data from Citrix was hacked by an Iranian group with the company having no idea as to what data was stolen.
Could the database being offered now be part of the previous breach? Additionally, in February earlier this year, Citrix itself disclosed that hackers had penetrated its networks for 5 months between 2018 and 2019, which is another incident we could point towards.
To conclude, we'll continue updating you on further developments as they take place. Till then, there is little we can do except advise the company's users to change the details associated with their accounts to render any obtained information useless.