Systemstatus
Komponenter
MANUELLT KURATERADStatusen på den här sidan uppdateras manuellt av driftteamet — vi visar hellre en ärlig, kuraterad bild än automatiska siffror vi inte kan stå för än. Automatisk övervakning ligger på roadmappen.
Regioner
Incidenthistorik
SENASTE 30 DAGARNAOngoing service disruption
13 jul 2026We would like to provide you with a further update regarding the ongoing service disruption affecting parts of the Kepler Cloud environment.
Our technical team continues to work with external cybersecurity specialists to investigate the incident, contain the affected systems and restore services in a secure and controlled manner. The available evidence continues to indicate malicious activity generating unusually high volumes of ICMP network traffic, which has caused congestion and intermittent service availability.
Containment measures have improved the overall stability of the environment. However, some services may still experience interruptions while the investigation and recovery work continues.
At this stage, the original point of compromise, root cause and full scope of the incident have not yet been conclusively confirmed. We are therefore taking a cautious approach and validating systems before restoring them to normal operation. This is necessary to reduce the risk of further disruption or reinfection.
The incident remains escalated at our highest level of urgency. We have notified our cyber-insurance provider and engaged a specialised incident-response team to support:
– forensic investigation and identification of the initial point of compromise;
– validation that the affected environment is fully contained;
– assessment of the potential scope and impact of the incident; and
– secure and controlled restoration of customer services.
We currently have no confirmed evidence that customer data has been accessed or extracted. This remains an active part of the investigation, and we will communicate promptly if the assessment changes.
We understand the impact this disruption may have on your operations and sincerely apologise for the inconvenience and concern it has caused. Our immediate priority is to restore services safely while protecting the integrity of the environment.
We will provide another update at 17:00 CET or as soon as there is meaningful new information available.
We would like to provide you with an update regarding the ongoing service disruption.
The incident began approximately 48 hours ago and has affected parts of the infrastructure through unusually high volumes of network traffic. We have confirmed that compromised systems have been generating ICMP-based DDoS traffic, resulting in network congestion and intermittent service availability.
Our technical team has taken immediate action to isolate the affected systems and reduce the impact. These containment measures have improved the stability of the environment, and we are continuing to monitor the situation closely.
At this stage, the original cause, initial point of compromise and full scope of the incident have not yet been confirmed. Due to the nature and potential severity of the incident, we have escalated the matter to our highest level of urgency. All available technical and operational resources are being prioritised.
We have also contacted our insurance provider and are mobilising a specialised cybersecurity incident-response team. Their work will focus on supporting the forensic investigation, confirming the extent of the incident, validating that the environment is fully contained and assisting with a secure and controlled restoration of services.
We understand the disruption and concern this may cause. Please be assured that this is being treated as our highest priority, and we will continue to provide updates as soon as we have verified information regarding the impact, recovery process and next steps.
We sincerely apologise for the disruption and appreciate your patience and understanding.
We have now confirmed that the service disruption is being caused by a large-scale ICMP DDoS attack affecting the infrastructure and network capacity.
Our technical team is actively working to contain and mitigate the attack, restore stable service and identify the source and full scope of the incident. At this stage, we have not yet confirmed how the attack originated or whether it is connected to any underlying compromise, so the root-cause investigation remains ongoing.
We are treating this as our highest priority and will provide another update as soon as we have verified further information and can give a reliable restoration timeline.
We apologise for the disruption and appreciate your patience while we work to resolve the situation.
We are currently investigating an infrastructure-related issue that is affecting the availability and restoration of your services.
At this stage, we have identified abnormal network activity within the environment, but we have not yet confirmed the underlying root cause. Our technical team is actively analysing the affected systems, network traffic and restoration process while taking steps to contain the issue and prevent further disruption.
We do not want to speculate or provide incomplete information. We will share a more detailed update as soon as we have verified the cause, impact and appropriate remediation plan.
We understand the seriousness of the situation and are treating this as our highest priority. We apologise for the disruption and appreciate your patience while the investigation continues.