For a brief amount of time on Saturday, web hosting company Leaseweb (leaseweb.com) experienced a DNS hijacking. The company, however, moved quickly to solve the problem and stated, in a company blog post, that client data were not hurt or accessed.
The company explained:
Last weekend the . . . website was unfortunately a direct target of cybercriminals itself. For a short period of time some visitors of leaseweb.com were redirected to another, non-LeaseWeb IP address, after the leaseweb.com DNS was changed at the registrar.
This DNS hijack was quickly detected and rectified by LeaseWeb’s security department. Although it seems to have had only superficial effects, we seriously regret this event from happening. Our security investigation so far shows that no domains other than leaseweb.com were accessed and changed. No internal systems were compromised. One of the security measures we have in place is to store customer data separately from any publicly accessible servers; we have no indication that customer data was compromised as a result of this DNS hijack.
The company is presently not sure about the details of this hijacking. However, they are investigating the incident in order to take preventative measures for future threats. This is a great case in which a company acted quickly to protect their clients. Indeed, even though Leasweb was attacked they still managed to avoid downtime for their clients. In addition, with protective measures in place, the data of their clients were not compromised.
