TelstraClear is warning its Paradise.Net customers of an attempted attack on its internal servers late last week.
TelstraClear spokesman Mathew Bolland says the company noticed "unusual activity" on one of its servers.
"We didn't have time to send out an email to customers warning them that we were about to drop one of the servers, we just had to do it." Bolland says email service would have been slow for several days, from Thursday through the weekend, and that some Paradise.Net home pages would have been offline. He recommends users check their data and change any passwords just to be on the safe side.
TelstraClear is currently assessing the situation and may be talking with the police at a later date, although Bolland says the attack "probably" came from overseas.
Marten Kleintjes, national manager of the police e-crimes labs, says he hasn't heard from TelstraClear yet but would recommend ISPs contact the police as soon as possible after discovering such an attack.
"We are part of the G8 sub-group on high tech crime." Even if the cracker were based overseas, Kleintjes says he can contact the police in that jurisdiction to put in place an action plan.
"First of all we move to preserve the evidence, so they would be in touch with ISPs over there for server logs and get out the preservation orders."
Clear.Net, TelstraClear's other ISP, wasn't affected by the attack, Bolland says.