Cyber Incident Victim: 123-Reg
Date:
Aug 2016
Location:
United Kingdom
Summary
A UK-based web hosting provider experienced a significant DDoS attack targeting its primary data center, causing widespread service disruptions including website outages, intermittent access to control panels, and email service failures. The company's mitigation systems curtailed most of the attack impact, though customers reported prolonged connectivity issues across platforms during and after the incident. Social media platforms saw numerous user complaints regarding unresolved service interruptions despite the provider declaring network restoration.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On 2 August 2016, UK-based web hosting provider 123-Reg experienced a significant distributed denial-of-service (DDoS) attack targeting its primary data center. The incident began shortly after 10:00 AM BST when malicious actors directed overwhelming volumes of internet traffic toward the company's servers, causing widespread service disruptions. This cyberattack forced 123-Reg's main website offline and impaired multiple critical customer services simultaneously. The company's automated protection systems activated in response, successfully mitigating the bulk of the malicious traffic. During the attack's peak intensity, customers experienced intermittent connectivity issues affecting access to 123-Reg's control panel, email services, and their hosted websites. Technical teams worked urgently to contain the attack and restore full network functionality across affected systems.

Customer impact manifested rapidly through social media platforms, particularly Twitter, where users reported extensive service outages beyond what the company initially acknowledged. Despite 123-Reg's official statement confirming attack containment and service restoration, multiple customers continued reporting unresolved connectivity problems at the time of media reporting. The incident exposed vulnerabilities in the company's infrastructure resilience, though no data breaches or system compromises beyond service availability issues were disclosed. Service interruptions affected both business and personal users reliant on 123-Reg's hosting platform, with downtime duration varying based on individual service configurations and network dependencies. The company maintained communication throughout the incident but faced criticism regarding transparency about the attack's full scope and restoration timelines.
