Service Restored: Large File Transfer Service going offline

Submitted by keea2562 on

Start Date & Time

End Date & Time

Description

Update on 2/9/2021: You can find more information about this incident, and the associated cyberattack, at https://www.cu.edu/accellion-cyberattack.

Service restored at 3:58 pm on 1/28/2021: The Large File Transfer service has been restored. A new appliance is in place running Accellion's patched code. Files and workspaces were successfully transferred to the new appliance. Users will now be able to sign in at https://filetransfer.colorado.edu.

Service issue updated at 10:11 am on 1/28/2021: OIT is completing work on standing up the newly patched virtual machine. We have some configuration to complete with the assistance of the vendor, but it is looking promising to have the service available again this afternoon. We will provide further updates as they become available.

Service issue updated at 10:01 am on 1/27/2021: After working with the vendor, OIT has started work to restore the Large File Transfer Service. The vendor has recommended we migrate to a new virtual machine to host the service. At this time we expect the service to be available for use again sometime tomorrow January 28th 2021. 

We will provide another update when the service is back up and running.

Service issue reported at 10:05 am on 1/25/21: OIT is making the decision to temporarily turn off the appliance that supports the Large File Transfer service at the strong encouragement of Accellion, the vendor whose File Transfer Appliance (FTA) appliance is the back-end of the service. They have been notified of an active exploit of a SQL injection attack that could allow attackers to gain access to data on the FTA. We have no indication that the attack has compromised our appliance, but we intend to follow their guidance and disable the service until we get a patch from the vendor.

Users will receive an error stating "This site cannot be reached" when trying to access http://filetransfer.colorado.edu. Any files sent but not already retrieved will not be accessible while the appliance is down.

The vendor is working on resolving the issue. There is no ETA at this time.