We have found that one of our client's VPS has been hacked. It sent and received more than 4 million packets in a short time saturating our network.
The VPS has a firewall installed, but the VPS owner is currently out of the country and not responding to emails.
I believe he is offering free hosting with automated setup of the accounts. (Not a good idea by the way).
The VPS has been disabled.
We do not foresee any further issues with this, so this thread will no longer be updated.