Leaseweb is restoring ‘critical’ systems after security breach

Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled following a recent security breach.

In emails sent to customers on Thursday, the Dutch cloud provider says it discovered signs of "unusual" activity in some parts of its infrastructure on Tuesday night while investigating Customer Portal downtime issues.

Leaseweb took down some of the impacted systems to mitigate security risks and says that its teams are now working to restore critical systems affected in this incident.

"On the night of August 22, our monitoring systems detected unusual activity within certain areas of our cloud environments. The issue had an impact on a specific portion of our cloud-based infrastructure leading to downtime for a small number of cloud customers," the company said.

"In response to this event, we've taken quick and determined steps to reduce potential risks. This includes temporarily disabling certain critical systems impacting the Customer Portal. Our teams are working hard to restore the systems and we expect the Customer Portal to be available again within the next few hours."

Following the attack, Leaseweb has hired the services of a Digital Forensics and Incident Response (DFIR) cybersecurity to investigate the security incident and contain the attack.

"To make sure our services stay secure and reliable, we've put strong containment plans in place and are closely partnering with a respected cybersecurity and forensics firm," the hosting company added.

"Our investigation is ongoing, but we've successfully contained the incident, improved our security measures, and haven't found any more unauthorized activity."

Leaseweb, one of the globe's major cloud computing and web services providers, has a portfolio of over 20,000 customers ranging from small and medium-sized businesses to high-profile corporations.

With over 80,000 servers, Leaseweb has provided mission-critical infrastructure since 1997 and operates 25 data centers across Europe, Asia, Australia, and North America.

A Leaseweb spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.