Buzzsprout is the target of a DDoS attack
Buzzsprout was the target of a DDoS attack for most of Sunday and Monday. We have posted a full technical postmortem as well as some things you should know about the attack.
It took down the entire website for nearly seven hours in total. These were the real-time updates shared during the attack on Medium and Twitter.
Email & Medium Post about 5:50 PM EST
As many of you know, Buzzsprout has been the target of a DDoS attack for the past few hours. It has taken the site down a few times, and the attack is still ongoing. This means you may not be able to access Buzzsprout right now.
We are really sorry and are working as hard as we can to get the site back online as soon as possible.
A DDoS attack is where somebody spams a server with so many requests that it takes the entire site offline. It’s as if a group of cars intentionally caused a traffic jam on a highway to stop traffic from reaching its destination.
DDoS attacks aren’t uncommon, but this is the first time somebody has taken Buzzsprout offline like this in over 11-years in business. The good news is that they can only take down the site. Your podcasts, data, and personal information have not been accessed or compromised.
The attacker has attempted to extort Buzzsprout to end the attack. Unfortunately, paying them any money isn’t an option because DDoS attackers often use any money you pay them to fund larger attacks.
This is obviously illegal, and we’ve contacted Federal authorities with the information we have about the attacker to bring them to justice.
The entire Buzzsprout team is working hard to ramp up additional infrastructure to mitigate the attacks. But you’ll probably encounter intermittent issues and degraded performance while we’re doing that.
We’ll continue posting updates on Twitter and on Medium to keep you informed.
Here’s a list of FAQ we’ve received from concerned customers:
Has my data been compromised?
No. The only harm done has been that the site has been taken offline.
Your podcasts, data, and personal information have not been accessed or compromised.
What is the ETA for when I can upload my next episode?
We don’t have an ETA right now. We are working with security experts to return full functionality as quickly as possible.
We will continue to post updates on Twitter.
What can we do to help?
We have been able to provide limited access to Buzzsprout since 3 PM, but it may go back down as the attack is ongoing. If you can limit your use of Buzzsprout for the next 24 hours that would be greatly appreciated.
We’re also receiving dozens of emails every minute, so our support team is unable to provide prompt replies to many of your questions.
We will continue to post updates on Twitter and Medium
We are incredibly grateful for all of you that have reached out with kind words on Twitter and Facebook. It means a lot to us that you’ve been so patient and understanding.
Again, we’re so sorry for this inconvenience and are working as hard as we can to bring everything back online as soon as possible.
The Buzzsprout Team
5:56 PM EST - Feb. 21, 2021
The main attack has stopped for now. Everything should be working for most customers. We'll continue to post updates as the attack will most likely start again.
11:12 PM EST - Feb. 21, 2021
Buzzsprout has been fully operational since we posted this blog. We’re continuing to make improvements to our infrastructure and will likely see some downtime in the next hour as we make further improvements.
8:54 AM EST - Feb. 22, 2021
We’re seeing 502/504 error messages sporadically while the attackers bang around our network. If you are getting these errors please know that we are aware and continue our mitigation efforts.
9:35 AM EST - Feb. 22, 2021
Buzzsprout will not pay criminals. This latest attack is more intense on both fronts. Buzzsprout has added significant infrastructure and is weathering better, but the criminals are also throwing more resources at us.
10:14 AM EST - Feb. 22, 2021
We are now blocking about 50% of the attack traffic. Working hard on blocking the rest. The site is operable for some. If you don’t have a critical need to publish right now, staying off of Buzzsprout will help us deliver existing episodes.
11:45 AM EST - Feb. 22, 2021
Buzzsprout has been back online and available since 11:15 AM with reduced functionality. Our network is still under attack, but we’ve been able to dampen its effectiveness. We are aware that some legitimate customer traffic is being blocked. We will continue to open more as quickly and safely as possible.
1:24 PM EST - Feb. 22, 2021
Buzzsprout is stable. Most podcasters are able to log in, most listeners are able to download episodes. We are still aggressively blocking traffic and monitoring as we go. If you cannot access the site or download your podcast episodes, please check again every 30 min. We’re continuing to add more and more safe traffic little by little. The attack has not stopped, but we’re gaining ground.
2:30 PM EST - Feb. 22, 2021
Buzzsprout has been stable since our last report and we believe we’re on the other side of this attack. Our technical team will prepare a full post-mortem and publish it on our blog later this week. Thank you all for sticking with us. If you are seeing any lingering issues, please reach out to our support team.
7:00 PM EST - Feb 22, 2021
Buzzsprout hasn't had any outages since our last update. We'll be planning to release a play-by-play of what happened on Buzzcast later as well as a full technical postmortem later this week.