LeaseWeb compromised?


Just a dude
vpsBoard Founder
Dear LeaseWeb Customer,

As one of the largest hosting companies in the world, we know cyber-attacks are an unfortunate reality for online businesses. That is why we have a dedicated team of security specialists to defend the infrastructure that supports both our customers and our internal systems.

As a result of a routine security audit, LeaseWeb has reason to believe some credentials of one of its employees were recently compromised by a very sophisticated and targeted attack. Our investigation currently indicates that these credentials were used to access our ticketing system, our log files show access was requested to some of the tickets that you have created. As a precaution, we advise you to change all the passwords that were communicated via these tickets in the last six months.

LeaseWeb deeply regrets the occurrence of this incident. Our security team has worked diligently to address the incident, and has taken the following steps:

Affected customers were informed; to prevent unauthorized access to their servers, they were requested to change the credentials they submitted or received via the ticketing system during the last six months

Dutch national law enforcement was informed and we are currently assisting them with their investigation

A plan to remove external access to the ticketing system has been implemented

Two-factor authentication for our internal systems is currently being studied

We deeply value the trust of our customers and will work aggressively to prevent this type of event from occurring in the future. Again, we regret any inconvenience this may cause you. If you would like to receive additional information, please contact our security team via [email protected].

Kind regards,

LeaseWeb Security

Did anyone else get this? Keep us updated with their communication.