Fasthosts’ five-hour collapse today has been blamed on a Distributed Denial of Service attack and a security flaw spotted on its Windows 2003 shared web server kit.

The company explained the torrid morning it had suffered in an emailed statement to The Register.

Earlier today, after we reported that Fasthosts had gone titsup, Reg reader x2uk suggested that the firm had been targeted by hackers.

“Some of our customers’ domains seem to have been shifted onto their DNS overnight which may mean something nefarious is afoot,” he told us.

Fasthosts finally responded to our questions just as it was telling its biz customers on Twitter that the service was coming back to life.

It said:

As a result of a denial-of-service attack, Fasthosts shared hosting customers experienced a loss of DNS performance, and as a result, periods of website downtime.

In accordance with its procedures, Fasthosts acted swiftly to resolve the root cause, and has now implemented measures to return the majority of its hosting customers back to full performance.

We apologise for any disruption incurred by our customers this morning as a result of this issue. If any customer has outstanding issues, we ask that they contact our technical support team who will assist them.

Incredibly, the company’s strife didn’t end there: it has also been battling a serious security hole in its Microsoft servers. Fasthosts said:

As a result of our routine and extensive security monitoring, Fasthosts today identified a vulnerability specific to part of its Windows 2003 shared web server platform.

The small affected proportion of our large hosting platform was immediately isolated, and work is being undertaken to investigate and fix the issue as swiftly as possible.

As a precautionary measure, some shared hosting servers on this specific platform have been taken offline, resulting in a small proportion of our hosting customers experiencing downtime. All efforts are being focused on returning this platform to service.

Fasthosts added that “the security of our customer data remains of paramount importance to us.” It claimed to have “excellent levels of security monitoring, systems and resources to keep our customers’ data safe from threats.”

However, the company made no mention of compensation for businesses affected by Monday morning’s outage.

“We apologise unreservedly for the inconvenience caused to those customers affected today, and we remain committed to providing the highest possible standards of service,” Fasthosts said.

Source: http://www.theregister.co.uk/2014/11/17/fasthosts_outage_blamed_on_ddos_hack_attack_and_windows_2003_vuln/