$2.3 Million Settlement Reached With Citrix Over Data Breach

Citrix employees impacted by a data breach that resulted in the theft of their data have secured a $2.275 million settlement. 


  • Hacker leaks data of 2.28 million dating site users
  • Cyber security 101: Protect your privacy from hackers, spies, and the government
  • The best antivirus software and apps
  • The best VPNs for business and home use
  • The best security keys for two-factor authentication
  • How ransomware could get even more disruptive in 2021 (ZDNet YouTube)
  • Homebrew: How to install post-exploitation tools on macOS (TechRepublic)

The settlement, first agreed in June 2020, has now met with the approval of Judge Ron Altman, as reported by Bloomberg Law. 

This week, the judge issued preliminary approval for the settlement figure in the US District Court for the Southern District of Florida. 

The class-action lawsuit, involving roughly 24,300 members, will be settled in return for Citrix providing the $2.275 million fund, usable for credit monitoring services, ID theft recovery, and up to $15,000 in reimbursement for expenses and loss per claimant. 

Citrix disclosed the data breach in March 2019 after being alerted by the FBI of a possible network intrusion. Cyberattackers had infiltrated the software giant's internal servers for a period of roughly five months between 2018 and 2019. 

The company said that the threat actors had "intermittent access" to corporate resources and that that password spraying was the likely method in which access to Citrix systems was obtained.

Password spraying takes advantage of weak credentials and is a common method to compromise both corporate and personal accounts.

Citrix employees were embroiled in the security incident. In a letter (.PDF) sent to those thought to be impacted -- including staff, contractors, interns, job candidates, beneficiaries, and dependents -- the company said their personal data may have been stolen. 

This may have included PII, Social Security numbers, passport numbers, limited health insurance data, driver's licenses, and financial account information such as payment card numbers. 

A hearing over Zoom is set for June 10, 2021, where the settlement may be finalized. 

ZDNet has reached out to Citrix and will update when we hear back. 

Previous and related coverage

  • Hackers lurked in Citrix systems for six months
  • Hackers probe Citrix servers for weakness to remote code execution vulnerability
  • Citrix buys Wrike for $2.25 billion, aims to bolster hybrid work portfolio

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0