Weird timing that Dec of 18 they forced a password reset to most of its Sharefile "customers." (aka including anyone who has ever received a file from someone through sharefile, and accidentally signed up for a service they didnt want.)
“This is not in response to a breach of Citrix products or services,” wrote spokesperson Jamie Buranich.
I want to know if they knew already in December, and if they lied to the public and their customers. Maybe they could argue that "yes a breach happened, but this password reset was completely unrelated" but thats a load of livestockwash, if thats the case.
Edit: maybe i should read the article. Looks like they were in back in October! Jamie is likely just a sacrificial lamb, who is there so they have a head to roll, but somebody on the executive team should be in trouble for that kind of lie, unless there were government gag orders.
>Citrix’s letter was prompted by laws in virtually all U.S. states that require companies to notify affected consumers of any incident that jeopardizes their personal and financial data.
Excuse my French, but thats fucking bullshit that they are just admitting to this a year and a half later.
> Resecurity also presented evidence that it notified Citrix of the breach as early as Dec. 28, 2018, a claim Citrix initially denied but later acknowledged.
https://krebsonsecurity.com/2018/12/a-breach-or-just-a-force...
“This is not in response to a breach of Citrix products or services,” wrote spokesperson Jamie Buranich.
I want to know if they knew already in December, and if they lied to the public and their customers. Maybe they could argue that "yes a breach happened, but this password reset was completely unrelated" but thats a load of livestockwash, if thats the case.
Edit: maybe i should read the article. Looks like they were in back in October! Jamie is likely just a sacrificial lamb, who is there so they have a head to roll, but somebody on the executive team should be in trouble for that kind of lie, unless there were government gag orders.
>Citrix’s letter was prompted by laws in virtually all U.S. states that require companies to notify affected consumers of any incident that jeopardizes their personal and financial data.
Excuse my French, but thats fucking bullshit that they are just admitting to this a year and a half later.