Citrix, a virtualization software provider used by 400,000 companies and organizations throughout the world, is investigating a report by the FBI that some of its internal network has been breached by international criminals, according to Ars Technica.
“Citrix has taken action to contain this incident. We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI,” according to a statement on the company’s website.
Citrix works with most Fortune 500 companies, as well as government and military organizations around the world. Hackers have allegedly accessed and downloaded business documents.
“The specific documents that may have been accessed, however, are currently unknown. At this time, there is no indication that the security of any Citrix product or service was compromised,” the company said.
While the company is still investigating the attack, Citrix said international hackers likely used a technique that exploits weak passwords, a tactic called “password spraying.”
Shares in Citrix fell three percent after the company reported the incident, to $99.77, according to Financial Times.
H/T Ars Technica