Citrix Systems says reports circulating online that the data of 2 million users has been hacked and can be bought for $20,000 are false.
In a blog posted on Tuesday, Citrix's chief information security officer, Fermin Serna, wrote that Citrix investigated the reported claims about someone compromising the Citrix network, stealing data and threatening to launch a ransomware attack, a common tactic in which hackers encrypt personal data and require payment to get it back.
The investigation hasn't found any evidence that the Citrix network was compromised or that data is being sold on the dark web, according to the post. Instead, Serna said the data is coming from a separate third party, which he did not identify.
A compromise of that party's network would not provide access to the Citrix network or allow the hacker to launch a ransomware attack against Citrix, Serna said. The third party has access to "low sensitivity business contacts," but does not have access to Citrix passwords, source code or other highly sensitive information, he said.
"This third party has been cooperative and responsive to our questions and direction, and has taken immediate action to isolate from the internet any Citrix related data they may have," Serna wrote.
The company, based in Fort Lauderdale, develops cloud-based solutions for businesses.
This isn't Citrix's first run-in with cyber security issues. Last month, the Sacramento Bee reported that the University of California, San Francisco School of Medicine paid hackers $1.14 million to retrieve data from a ransomware attack. While the source of the hack wasn't pinpointed, experts noted a vulnerability in several of the school's servers, which use Citrix.
The vulnerability gave hackers a way into the servers in December 2019. In January, Citrix released a permanent "patch" for servers with the vulnerability.
Last year, after a massive data breach exposed personal information of hundreds of current and former Citrix employees, two filed a lawsuit against the company accusing it of not properly protecting its employees' information.
The stolen information from last year's breach included names, Social Security numbers and financial information.
"The third party is now conducting its own investigation and remediation, and is committed to keeping Citrix advised of any developments, and Citrix is ready to assist as necessary," Serna wrote.
