Sonetel’s web site subject to DDOS attack

The initial objective seemed to be to use a known vulnerability in WordPress (a content management system for web sites that we use) to break in. This attempt failed, but the strategy of the hackers was later changed to try other inroads for their attack.

The hackers failed to break in, but the load caused our web site to be unavailable until the afternoon of August 3rd.

Our production servers and our telephony service were not affected in any way, as our web site is hosted in a completely different place than our production systems.

Our customer portal at https://portal.sonetel.com also runs in a different space, and was was not affected either.

The web site that was attacked does not store any customer data or hold any sensitive information or access to any of our services. It is just a “dumb” public home page that runs on isolated servers.

The team has implemented preventive measures to fend off the attack, and is taking further actions to avoid this event from occurring again.