Internet Solutions (IS) has confirmed that its internal monitoring systems have detected “irregular activity” on some of its virtual services.
This comes after the company sent a notice to clients to warn them about a breach – and urged them to change their passwords and take additional steps to secure their servers.
“We have taken immediate action to investigate this matter, establish the root cause, and take the necessary mitigating steps,” IS CTO Kervin Pillay told MyBroadband.
“As this is still under investigation we are not yet in a position to confirm all details.”
Pillay said that Internet Solutions is committed to keeping its clients informed as it works to resolve the issue. The company has already contacted its clients, and is working with them to ensure their environments are secure.
“We encourage any of our clients that may have any concerns to notify IS through existing support channels as soon as possible,” he said.
A notice signed by Pillay informed clients that IS detected a security breach in the following environments:
- Cloud Virtual Services
- Standard Virtual Machine
- Virtual Data Centre
- Leased Server
There was no “irregular activity” in its Cloud Virtual Machine and Ignite Cloud Server environments.
“To ensure your protection, we are implementing additional security measures to further enhance our hosting service security controls,” Pillay said.
He added that clients should take the following steps as a matter of priority.
- Change the password for each of your virtual and physical machines hosted in Internet Solutions’ data centres.
- Disable any accounts that you did not specifically create.
- Investigate and report all irregular activity on your virtual machines immediately, including malware.
- Remove remote access from Internet-based sources, and restrict to known trusted hosts for all remote access protocols.