(Resolved) 2016-10-07 14:20 UTC: Degraded performance due to DDoS attack

Last updated: Mon Feb 04 23:48:02 GMT 2019

At approximately 13:00 UTC on October 7th, the ThousandEyes platform experienced a distributed denial of service attack which used large volumes of traffic to saturate our network connections.

While the attack lasted for about 50 minutes, the effects took about 80 minutes before the system was back into a realtime state. During that period, response times from app.thousandeyes.com were longer than normal, or connections may have failed altogether. Data uploads from all Agents to ThousandEyes collector were also affected. Once the attack ended, Agents began uploading locally cached test data.

Service disruption is visible at the following URL: https://vrkcjyfy.share.thousandeyes.com/

The list of incident timings below indicate our service status.

2016-10-07 14:20 UTC: Data is caught up. All services are back in realtime.
2016-10-07 13:50 UTC: Attack mitigated. Access to platform is restored. Data is being processed.
2016-10-07 13:20 UTC: Issue is confirmed as a volumetric attack.  Mitigation processes have been engaged.
2016-10-07 13:00 UTC: Alerts triggered for platform availability.  Our operations team is investigating.