Virtual private server service ThrustVPS has been targeted by cybercriminals over the weekend. Some services have been disrupted due to the attack, but currently all systems should be restored.
“We apologise for the issues experienced with our services over the weekend. This was caused by a phishing & DDOS attack on our systems,” ThrustVPS representatives noted on Twitter.
They claim that some user accounts might have been “briefly at risk.” However, since immediate action was taken, it’s unlikely that the attackers had enough time to copy the customer database.
Furthermore, the company says there’s no evidence that any customer data has been taken. However, The Register reports that users have been asked to change their passwords as a precaution.
In an email sent out to customers, ThrustVPS has also clarified that the cybercriminals abused their servers for a phishing attack. The attackers uploaded their own files to the organization’s WHMCS installation.
Additional security measures are being put in place to prevent future attacks.