A Los Angeles-based cybersecurity research company called Resecurity® claimed to have more information on the Citrix data breach and said the attackers gained access to somewhere between six and 10 TB worth of sensitive information, "including e-mail correspondence, files in network shares and other services used for project management and procurement."
According to Resecurity®, the attack was carried out by an Iranian threat group known for targeting government agencies and oil and gas companies. Resecurity® claimed in a blog post that it reached out to Citrix in December to share an "early warning notification" about the attack, but in an interview with NBC News, Resecurity® president Charles Yoo also said the threat group originally accessed Citrix's network 10 years ago and has persisted ever since.
These details about the Citrix data breach could not be verified in any way. Initially, Resecurity®'s blog post on the incident did not contain any technical evidence, nor did the company respond to requests for comment. Resecurity® updated its post Monday with additional information and claims, including IP addresses supposedly from Iran, as well as darkened screenshots that appeared to show a list of email accounts and other information, including partially visible names, for approximately two dozen Citrix employees.