Skip to content

Massachusetts-based Progress keeps ShareFile servers offline during security investigation

Progress restored ShareFile cloud access July 12, but customers must keep privately managed storage servers offline while the company investigates a security threat.

Exterior of Progress Software’s Burlington headquarters, with the company’s green-and-black logo mounted on a brick office building.
Progress Software’s headquarters in Burlington, Massachusetts. (Eduardo Maurizi/Google Maps)

Progress Software restored access to its ShareFile platform July 12 for customers affected by a security-related shutdown but told them to keep customer-managed file storage servers offline while it investigates.

The affected servers allow organizations to store data in their own environments rather than entirely in Progress’ cloud. The Massachusetts-based business software company has not said how many customers were affected.

In a July 10 notice reviewed by DysruptionHub, Progress said it had identified a “credible external security threat” targeting ShareFile Storage Zone Controllers. The company temporarily disabled access for affected accounts and instructed customers to shut down the servers hosting the controllers as a precaution.

Screenshot of a Progress ShareFile customer notice warning of a credible external security threat targeting Storage Zone Controllers and directing customers to shut down the servers hosting them.
A July 10 Progress ShareFile notice instructed customers using Storage Zone Controllers to shut down the servers hosting them while the company investigated what it called a credible external security threat. (Screenshot/Progress ShareFile via Imgur)

ShareFile’s public status page reported at 12:12 p.m. EDT that day that the service was not operational for those customers and that the issue was under investigation.

In the notice, Progress said it had no indication of unauthorized access to ShareFile accounts or data. It said internal and outside cybersecurity experts were assessing the threat.

Progress told SecurityWeek on July 13 that it had notified all affected customers by 5 p.m. EDT July 12 that their ShareFile cloud access had been restored. The company said the controllers must remain turned off while the investigation continues.

“At this time, we have no evidence of unauthorized access to any ShareFile customer account or data, and we have not identified any active threat,” Progress said in the statement.

Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.

Tip us

Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.

Become a Supporter

ShareFile’s public status page still listed the incident as unresolved July 13 and showed the July 10 investigation notice as its latest update, despite Progress’ statement that cloud access had been restored.

Progress has not disclosed what triggered the warning, whether a vulnerability was exploited, how many customers were affected or when the controllers can be restarted. It has not confirmed an attack type, threat actor, data theft or ransom demand.

In 2023, attackers widely exploited a zero-day vulnerability in Progress’ separate MOVEit Transfer product. The Cybersecurity and Infrastructure Security Agency attributed that campaign to the Clop ransomware group. No source reviewed by DysruptionHub has linked the MOVEit campaign to the ShareFile warning.

Customers can access the ShareFile cloud service, but Storage Zone Controllers must remain offline until Progress completes its investigation or issues new instructions.

Attribution note: DysruptionHub credits upstream reporting and primary sources—see citations above. If this report informed your coverage, please cite DysruptionHub with a link.
DysruptionHub Staff

DysruptionHub Staff

A collaborative project to bring you the latest cyberattacks impacting the availability of services and goods in the United States.

All articles

More in Private Sector

See all

More from DysruptionHub Staff

See all