The QuickBooks cloud-hosting firm iNSYNQ is still in recovery mode after being hit with a MegaCortex ransomware attack that forced it offline last week and the company expects it to take at least several more days to get all its customers back online.

Company CEO Elliot Luchansky said in a July 22 blog post that access is being restored to some customers and iNSYNQ is working with a cybersecurity firm to remove the ransomware from its system. There is also no evidence at this time that any information was compromised or removed. The company said it was able to catch the attack early, but the restoration process will be time consuming and customers may see files with a .megacortex extension on some currently inaccessible records.

“Luckily, the vast majority of the files that were impacted (i.e., are encrypted) are smaller files and do not include QuickBooks or Sage files,” he said.

The company initially posted a warning on July 18 stating it had been hit with ransomware on July 16.

Many customers took to Twitter to complain that the company was not being forthcoming with information regarding their inaccessible data.

“I am acutely aware of and understand your frustrations and concerns through this process. There are many ways to go about securing and restoring files- by now I’m sure you’ve read the many news pieces out there that describe the challenges of giving too much detail on the different ways to handle these sorts of attacks and the challenges of information sharing during them,” Luchansky responded.

In the meantime the company is suggesting its customers back their files up locally.