Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity

    Users of Citrix’s GoToMyPC Forced to Reset Passwords After Attack

    Written by

    Jeff Burt
    Published June 23, 2016
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Users of Citrix Systems’ GoToMyPC remote desktop access service were forced to change their passwords following what company officials called a “very sophisticated password attack” in which hackers tried to use usernames and passwords leaked from other Websites to access GoToMyPC accounts.

      Citrix security officials responded by forcing all users of the service to reset their passwords. The company first issued a notice June 18, and users coming onto the service this week were notified that their passwords were no longer operational and they would have to create new passwords.

      According to the updated notice Citrix issued this week, the damage from the attack was minimal. Company security officials said that no sensitive customer data—including credit card information—was exposed during the incident. However, they added they were continuing to investigate the issue and that they will let users know the results of the probe after it’s completed.

      No other Citrix services were included in the attack, company officials said. The GoToMyPC service is used to gain remote access to home and work PCs over the Web.

      They did not say how many people were impacted by the password reuse attack. According to reports, some users over the weekend found they couldn’t sign onto their account and were being asked to reset their passwords. Soon after, Citrix issued the warning that the site was under attack and steps users could take to protect themselves.

      “We have experienced an issue which requires you to reset your password if you are having trouble logging into your account,” the post said. “Please reset your password through the ‘Forgot Password’ link if you are having trouble logging into your account.”

      Soon afterward, that suggested password reset became a mandatory one, with the GoToMyPC security officials resetting all passwords and forcing users to go in and reset them. Citrix officials made recommendations for creating highly secure passwords (don’t use a word from the dictionary or use the same password in more than one place, use eight or more characters and make it complex by randomly adding capital letters, punctuation or symbols) and offered the option of using two-step verification.

      Passwords are seen as a particularly vulnerable point in the larger information security environment, due in part to how consumers use them. In a recent Mail.com survey released earlier this month, one in 10 Americans said they never change their passwords, and 38 percent alter their passwords on an average of every six months. In addition, 20 percent use the same password for most or all of their Internet services; only 23 percent use different passwords for different services.

      Fifty-eight percent of respondents said they store passwords in their head, while 15 percent write them on a piece of paper. Another 5 percent save passwords in their browser, and only 9 percent use password management software.

      “There are two main reasons Americans are so negligent when it comes to passwords: first, the sharply increasing number of Internet services that require an authentication with passwords, and second, the missing knowledge on password security,” Martin Wilhelm, public relations manager for Mail.com, told eWEEK. “People choose passwords that are easy to remember because it’s much more comfortable than handling a complex and individual password for a variety of different services. What they don’t have in mind is that they run the risk of losing all their data on the Internet once this password has been spied out by Internet criminals.”

      Jeff Burt
      Jeff Burt
      Jeffrey Burt has been with eWEEK since 2000, covering an array of areas that includes servers, networking, PCs, processors, converged infrastructure, unified communications and the Internet of things.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.