Technology

Citrix says FBI investigating network breach by ‘international cyber criminals’

Citrix, a widely used log-in service in the corporate world, revealed Friday that the FBI is investigating a breach to its internal network by “international cyber criminals.”

By Sean Lyngaas

March 8, 2019

Citrix offices in Santa Clara, California. (Getty Images)

Citrix, a VPN service widely used in the corporate world, revealed Friday that the FBI is investigating a breach to its internal network by “international cyber criminals.”

The hackers appear to have “accessed and downloaded business documents,” the company said in a blog post, adding that it doesn’t know specifically what was accessed. There is no sign that the breach has compromised any Citrix product or service, the Florida-based company said.

“While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords,” Citrix said. “Once they gained a foothold with limited access, they worked to circumvent additional layers of security.”

Citrix said it had hired a top digital forensics company to investigate further.

News of the breach led to a drop in stock for the company Friday. Citrix has said it provides VPN services to 400,000 companies worldwide, including most of the Fortune 500.