Citrix has revealed the cause of a massive data breached revealed in March 2019 was weak passwords and systems that didn’t detect brute-force login attacks.
News of the break-in was first delivered by security firm Resecurity, which informed Citrix of a problem in late 2018.
The FBI next contacted Citrix in early March 2019, before the vendor admitted to the issue on March 8.
Citrix has now wrapped up its own investigation into the breach with help from FireEye.
A blog post detailing the investigation confirmed that the cybercriminals gained access to Citrix’ network with a “password spraying” effort that tried multiple passwords for a distinct user name.