Cloud provider Leaseweb was forced to take some of its critical systems down to mitigate the effects of an ongoing cyberattack.
One of the world’s largest cloud and hosting providers, Leasweb contacted its customers to alert them it spotted “unusual” activity in some parts of its infrastructure.
To minimize the potential damages and oust the unauthorized lurkers, the company took down some of the impacted systems.
Successful containment
“On the night of August 22, our monitoring systems detected unusual activity within certain areas of our cloud environments. The issue had an impact on a specific portion of our cloud-based infrastructure leading to downtime for a small number of cloud customers,” the company said in its email.
“In response to this event, we’ve taken quick and determined steps to reduce potential risks. This includes temporarily disabling certain critical systems impacting the Customer Portal. Our teams are working hard to restore the systems and we expect the Customer Portal to be available again within the next few hours.”
Besides reacting to minimize the damage, the company also hired a third-party cybersecurity firm to further analyze the incident and formulate a strategy going forward.
“To make sure our services stay secure and reliable, we’ve put strong containment plans in place and are closely partnering with a respected cybersecurity and forensics firm,” the message reads. “Our investigation is ongoing, but we’ve successfully contained the incident, improved our security measures, and haven’t found any more unauthorized activity.”
Leaseweb is said to have more than 20,000 customers, both SMBs and large enterprises. It’s been active since 1997, operating 25 data centers around the world, in which more than 80,000 servers are located.
At press time, the company was silent on the matter, with its Twitter account not showing anything about the incident.
Via: BleepingComputer