Citrix was smart; no emails, just a notice of the issue with instructions on the login screen to press the forgot password link. Kudos to Citrix for their handling. They also have a second layer of security that requires another password on connection to the remote host with instructions to use a different PW.

This attack was enabled because people use the same login credentials for multiple sites. The hacker was smart... only those with bad password hygiene should have been affected.

Time for some bright bloke to create an irrefutable, low-cost biometric authentication scheme. And make a bazillion bucks.

