Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems.
According to a notice of incident sent to customers, on August 22, the company discovered “unusual” activity in some of its systems while investigating Customer Portal downtime issues.
In response to the incident, the company took down some of the impacted systems to contain the threat, it also launched an investigation into the incident. The company hired a Digital Forensics cybersecurity firm to investigate the incident. Leaseweb pointed out that it had successfully contained the incident and also improve its security measures to prevent future incidents.
“On the night of August 22, our monitoring systems detected unusual activity within certain areas of our cloud environments. The issue had an impact on a specific portion of our cloudbased infrastructure leading to downtime for a small number of cloud customers. In response to this event, we’ve taken quick and determined steps to reduce potential risks. This includes temporarily disabling certain critical systems impacting the Customer Portal.” reads the notice. “Our teams are working hard to restore the systems and we expect the Customer Portal to be available again within the next few hours. “To make sure our services stay secure and reliable, we’ve put strong containment plans in place and are closely partnering with a respected cybersecurity and forensics firm. Our investigation is ongoing, but we’ve successfully contained the incident, improved our security measures, and havent found any more unauthorized activity.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cyber attack)