Although Citrix did not disclose many details about the breach, researchers at infosec firm Resecurity® shed more light on the incident, claiming the firm had earlier alerted the Feds and Citrix about the "targeted attack and data breach."
Resecurity® said the Iranian-backed IRIDIUM hacker group hit Citrix in December last year and again on Monday (March 4th) and stole at least 6 terabytes of sensitive internal files, including emails, blueprints, and other documents.
IRIDIUM is an Iranian-linked hacking group that was also behind recent cyber attacks against more than 200 government agencies worldwide, oil and gas companies, technology companies and other targets.
IRIDIUM's proprietary techniques include bypassing multi-factor authentication for critical applications and services for further unauthorized access to VPN channels and SSO (Single Sign-On)...