Summary
- AlexHost said its Netherlands infrastructure went offline after power was cut to equipment colocated through MIRhosting at an nLighten data centre.
- nLighten told trade press it had terminated its service relationship with MIRhosting after cooperating with Dutch authority investigations.
- The incident links cyber-risk scrutiny, sanctions-related investigations, contractual dependency, and customer continuity inside the colocation chain.
A Netherlands hosting outage involving MIRhosting, nLighten, and AlexHost has shown how legal and security exposure inside the colocation chain can become a physical continuity problem for downstream customers.
AlexHost said in a public LinkedIn update that all of its infrastructure hosted in the Netherlands went offline on June 2 after power was disconnected to equipment belonging to companies colocated through MIRhosting at an nLighten data centre. The company said its chief executive and chief technology officer travelled to the Netherlands to resolve the situation on site, while its Moldova team handled customer communications, refunds, and temporary server replacements.
AlexHost said it recovered its servers by June 16 and migrated them to a new data centre under a direct contract. It said client data remained safe and intact during the incident, with access restricted because of the data centre lockout rather than a data-loss event.
nLighten told DatacenterDynamics that it was aware of investigations by Dutch authorities into MIRhosting and other companies and individuals, and that it had cooperated with those investigations. nLighten said MIRhosting had been a customer leasing space for its equipment and that the relationship and associated service provision had been terminated.
The episode sits against a wider investigation into hosting infrastructure allegedly connected to Russian cyber activity and sanctions breaches. KrebsOnSecurity reported in May that Dutch authorities had arrested two men connected to related hosting companies and seized more than 800 servers. MIRhosting has previously denied active involvement and said it cooperates with competent authorities.
The contract chain becomes the fault line
Colocation risk does not stop with the operator whose name is on the building. Customers may be several contractual layers away from the underlying facility owner or data centre platform. A reseller, hoster, managed service provider, or network intermediary can sit between the end customer and the party controlling physical access, power, and racks.
That structure allows smaller providers to offer services in multiple geographies without owning facilities. It also creates fragility. If the intermediate provider becomes subject to legal, sanctions, law-enforcement, payment, or contractual action, customers downstream may discover that their equipment, access, or service continuity depends on relationships they do not control.
AlexHost’s update makes that exposure concrete. The company said it has moved to a direct data centre contract to improve operational independence and infrastructure resilience. The change addresses a structural weakness: when access to equipment depends on a third party’s standing with a colocation provider, continuity planning has to include legal and contractual failure modes alongside power, cooling, network, and cyber incidents.
Data centre resilience is increasingly a combined physical, cyber, and governance discipline. The MIRhosting case shows why. The technical infrastructure may be intact, and customer data may remain in place, while service is still unavailable because power has been disconnected or physical access has been restricted. Under those conditions, business continuity depends on contractual rights, escalation routes, spare capacity, and the ability to migrate workloads under pressure.
Security scrutiny reaches the cage
European governments are paying closer attention to hosting providers, network operators, and data centre tenants that may support cyberattacks, sanctions evasion, disinformation, or illicit services. That scrutiny is likely to intensify as data centres are treated less as neutral real estate and more as critical infrastructure.
Facility operators face a difficult balance. They need to support lawful investigations, manage sanctions and abuse risk, protect other customers, and preserve the integrity of the site. Downstream customers may still suffer outages even where they are not accused of wrongdoing. That creates reputational and operational risk across the stack.
For colocation providers, the case reinforces the need for tenant due diligence, acceptable-use enforcement, contractual clarity, and incident playbooks that account for innocent downstream users. For customers, it strengthens the case for understanding who controls power and access, not only who invoices the service.
The incident also complicates simple uptime thinking. Traditional resilience planning often centres on dual power feeds, generator autonomy, cooling redundancy, DDoS protection, and backup connectivity. Those remain essential, but they do not address the risk that a service chain is interrupted by regulatory, legal, or sanctions-related action. In an increasingly politicised security environment, governance failure can look like infrastructure failure from the customer’s perspective.
No final public account has reconciled every party’s position. AlexHost has described the customer impact and migration. nLighten has confirmed termination of its relationship with MIRhosting. MIRhosting has previously denied active involvement in the broader allegations and said it cooperates with authorities. The unresolved questions are whether affected downstream customers had any direct recourse to the facility operator, how much notice could legally or practically have been given, and what safeguards can prevent unrelated customers becoming collateral damage in future enforcement actions.
The immediate lesson is practical. Data centre resilience now depends on counterparty risk, regulatory exposure, and the contractual distance between the customer and the physical infrastructure carrying the load.

