Cyber Incident Victim: Freeparking
Date:
Jun 2015
Location:
United Kingdom
Summary
Freeparking experienced a significant DDoS attack targeting its DNS servers, causing widespread service disruptions including domain resolution failures, email outages, and inaccessible hosted websites for customers. The incident compounded existing frustrations from a prior migration issue that had already left some users without email access for over a week. The company coordinated with its data center team to mitigate the attack, restoring services after sustained efforts, with its CEO acknowledging the severity of the incident and committing to implement defensive improvements. While initial customer reactions highlighted operational impacts across businesses, some later expressed gratitude once services resumed.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Freeparking, an email and hosting provider, experienced a significant DDoS attack on June 9, 2015, disrupting critical services for customers. The attack began around 8:50 AM, targeting the company's DNS servers and rendering domains unresolvable for clients relying on Freeparking's name servers. Hosted websites and email services became inaccessible during the outage, with some customers reporting complete loss of email functionality. This incident compounded existing customer frustrations stemming from a prior migration issue that had left some without email access since May 25—a service disruption lasting over a week before the DDoS occurred. Customers publicly documented the attack's impact through social media, noting how it affected business operations for multiple companies while sparing media assets hosted elsewhere. The company acknowledged the attack via Twitter and a public statement, confirming coordination with their data center team to mitigate the disruption. Technical staff worked continuously to restore DNS functionality as the attack progressed throughout the publishing day, with ongoing customer reports confirming persistent issues during response efforts.
The company's chief executive, Paul Lomax, characterized the DDoS as severe and confirmed post-incident reviews between technical and data center teams to analyze findings. These discussions aimed to identify necessary changes for improving future attack mitigation, though specific technical adjustments weren't disclosed publicly. Service restoration prompted customer acknowledgments on social media and comment sections, which Lomax highlighted as demonstrating patience during the crisis. The attack's resolution concluded a challenging period for Freeparking that had begun with migration-related outages weeks earlier, though the DDoS incident represented a distinct disruption window concentrated on June 9. No threat actor attribution, ransom demands, or attack vector specifics were provided in available statements. The company's public communications focused exclusively on service impact and restoration timelines rather than attack origins or forensic details.