123-Reg hit with huge scale DDoS attack that left websites and email services offline

Web host's protections kicked in but users took to social media to complain.

123 reg server fail — Web hosting company 123-reg suffered a DDoS attack that disrupted customers' websites 123-reg.co.uk

Website hosting provider 123-Reg has admitted a substantial cyberattack against its main data centre on 2 August took its website offline and disrupted a number of key customer services. The UK-based firm said the attack, which came in the form of a distributed-denial-of-service (DDoS) attack, started at just after 10am BST after an overwhelming amount of internet traffic was directed towards its servers.

In a statement on its website, 123-Reg, which hosts 1.7million websites - 800,000 of which are in the UK - said it fell victim to a "huge scale" DDoS attack of over +30Gbps (gigabits per second).

"Our protection systems kicked in and were able to curtail the majority of the attack," the firm wrote to concerned users. "Our system teams jumped on board and reconfigured the network routing to assist.

"During this time some customers may have had intermittent connection issues to our services, such as our website, control panel, email or their websites. Our team worked very well to contain and restore all network connectivity fast to ensure services were accessible as normal."

It added: "Unfortunately these types of attack cannot be prevented and effect all internet services at some time [...] 123-Reg is sorry for the disruption caused and thank you for your understanding of the situation during this time."

Customers of the service quickly took to social media, in particular Twitter, to complain about the scope of the outages. Furthermore, despite 123-Reg claiming the issue has been resolved, some users are still claiming to have disrupted services at the time of writing.

@123reg @123regHelp cannot send emails or access your website... Any idea what's wrong / when it will be solved?
— Emma Loughlin (@EmLouOnline) August 2, 2016

Our email is currently not working. We haven't received any email since Sunday evening. Hoping it will be fixed soon. (123-reg)
— Rachel (@handmadehen) August 3, 2016

Dave Larson, chief operating officer at Corero Network Security said: "DDoS against hosting providers, or the tenants they serve are a daily occurrence. While most attacks in a hosting provider environment are typically lower in bandwidth and possibly more sophisticated in nature, a 30Gbps attack is not uncommon."

Indeed, evidence suggests that, during the first six months of 2016, the size and scope of DDoS attacks has escalated. Based on analysis by Arbor Networks, the largest attack registered at a massive 579Gbps which, as previously reported, was an increase of over 70% from the biggest attack in 2015.

The outages are not the only trouble 123-Reg users have faced this year. Back in April, it was revealed the firm accidentally deleted hundreds of its customers' websites from the internet during a routine clean-up operation.

123-Reg posted a notice on its support page as of 16 April stating: "Some customers on our VPS [Virtual Private Server] platform may currently experience connectivity issues," it said. However, as reported by The Inquirer at the time, the firm admitted a week after the incident there were a "small number of incidences" where customers' data was lost completely.