(Resolved) 2016-10-07 08:20 UTC: Degraded performance due to DDoS attack

Last updated: Mon Feb 04 23:48:02 GMT 2019

At approximately 07:00 UTC on October 7th, the ThousandEyes platform experienced a distributed denial of service attack which used large volumes of traffic to saturate our network connections.  While the attack lasted for a little over an hour, the effects took about 80 minutes before the system was back into a realtime state. During that period, response times from app.thousandeyes.com were longer than normal, or connections may have failed altogether.  Data uploads from all Agents to ThousandEyes collector were also affected. Once the attack ended, Agents began uploading locally cached test data.

Service disruption is visible at this URL: https://nygfomz.share.thousandeyes.com/

Note: we've corrected some timings in the list below as of 12:53 UTC.  In our haste to get information to you, some keys were fat fingered, which made some dates and times incorrect.  The dates in the table below are correct.  We'll continue to update this article as we get more information, and apologize for any issues related to the accuracy of messages that were sent out.

2016-10-07 08:20 UTC: Data is caught up.  All services are back in realtime.
2016-10-07 07:50 UTC: DDoS attack mitigated.
2016-10-07 07:13 UTC: DDoS attack mitigation processes started
2016-10-07 07:00 UTC: DDoS attack started.