Service Alerts

Share to Facebook Share to Twitter Share to Google Plus Share to LinkedIn

Sharefile users have all been affected by a recent forced password change carried out by Citrix, amid speculation that it was due to a data breach.

Users forced to reset password

Last Monday, Sharefile users reported that they were unable to login to their Sharefile accounts using their usual credentials. Instead of Citrix warning users in advance that they would be preventing users from logging into their accounts until they reset their passwords, they decided to send an email on the same day – so those who didn’t receive the email or check their emails, would not have known this was going to happen. Below is a screenshot of the email that was sent:

sharefile email 

Suspicions of a data breach

Those that did receive the above email would be forgiven for assuming that the only reason Citrix had enforced the sudden password change was because they must have experienced some sort of data breach themselves – therefore they panicked and locked down accounts until users changed their password.

However, Citrix have assured everyone that this was not the case. They released a statement confirming the real reason they forced users to change their password was to pre-empt any potential cyber-attack from occurring.

They claim that they, and the users of Sharefile, had been victims of “Credential Stuffing” and so decided to act swiftly to prevent any further dubious login attempts. Credential stuffing is the use of previously harvested leaked username/password pairs in order to fraudulently gain access to user accounts.

The CSIO of Citrix, Stan Black, released the following statement:

“To be clear, if there is any misunderstanding, the users of the ShareFile service were experiencing a credential stuffing attack. We moved quickly and decisively to end it for the benefit of our users.”

Next steps

So in order for users to access their accounts again, they have to browse to their Sharefile login page and click the “Forgot Password” link to reset their password. It should look something like the below:

sharefile login 

Whilst this may not seem too inconvenient for the user, if you are business that manages multiple Sharefile accounts and have limited the ability to allow users to reset their passwords themselves, then unfortunately Citrix have said this process has to be done manually for every single account being managed.

Further Reading

For more information, please refer to the following: https://www.theregister.co.uk/2018/12/04/password_change_for_sharefile/