Some systems are experiencing issues. — All WAYSCloud services are monitored in real time.
This page provides real-time information about a service incident affecting WAYSCloud systems.
Resolved (22:10 CEST): The distributed denial-of-service (DDoS) attack has been fully mitigated and all services — including the Norwegian DNS nameserver — have returned to normal operation. No customer accounts were compromised and no customer data was affected. This incident is now resolved. For the full incident report and technical details, see our Trust Center: https://trustcenter.wayscloud.eu/reports/WAYSCLOUD-TR-2026-0021/global-attack-activity-mitigated
Status update (21:14 CEST): The attack has now been brought under control — both through our own mitigation and a wind-down by the actor(s). The event consisted of an extreme peak in the first hour, followed by a second wave in the second hour. Traffic load is now considerably reduced. We are continuing to monitor the service closely.
We are currently observing slowness in the customer dashboard and APIs. This is driven primarily by the extreme volume of traffic being directed at the company's edge surface, and is not a direct impact on customer systems.
Mitigation is active and the majority of attack traffic is being identified and filtered before it reaches customer-facing services. Core infrastructure remains operational and no customer accounts have been compromised. We continue to monitor closely and are keeping the affected Norwegian components flagged while pressure remains elevated.
Full technical details are published in our Trust Center: https://trustcenter.wayscloud.eu/reports/WAYSCLOUD-TR-2026-0021/global-attack-activity-mitigated
The activity has been confirmed as a coordinated, botnet-like distributed denial-of-service (DDoS) attack directed at our nodes, with traffic observed from a very large number of unique sources across many countries. Our Norwegian infrastructure (shared hosting and DNS) is the primary target. Mitigation has been engaged.
We detected a significant spike in malicious, automated traffic targeting our public-facing infrastructure, with the primary impact on our Norwegian nodes. We are investigating.