Bandwidth CEO confirms outages caused by DDoS attack

The service was still experiencing partial outages on Tuesday afternoon.
Written by Jonathan Greig, Contributor

Voice over Internet Protocol (VoIP) services company Bandwidth.com has confirmed that it was suffering from outages after reports emerged on Monday night that the service was dealing from a DDoS attack.

Bandwidth CEO David Morken said in a statement that "a number of critical communications service providers have been targeted by a rolling DDoS attack."

"While we have mitigated much intended harm, we know some of you have been significantly impacted by this event. For that I am truly sorry. You trust us with your mission-critical communications. There is nothing this team takes more seriously," Morken said. 

"We are working around the clock to support your teams and minimize the impact of this attack. Our account managers and support teams have been actively reaching out to customers individually to address any issues. We will not rest until we end this incident, and will continue to do all we can to protect against future ones."

In an earlier statement, the company told ZDNet that Bandwidth "has experienced intermittent impacts" to its services.

"All our services are currently functioning normally. Our network operations and engineering teams are continuing to monitor the situation and we are actively working with our customers to address any issues. We will post updates to status.bandwidth.com as we have additional information to share," the company said.

Since that statement was shared, the company has updated the status showing partial outages for a number of inbound and outbound calling services. 

Bleeping Computer was the first to report on Monday evening that Bandwidth.com was facing issues because of a distributed denial of service attack, which are routinely targeted at VoIP providers. 

The news outlet noted that other VoIP vendors like Accent, RingCentral, Twilio, DialPad and Phone.com were experiencing outages and telling customers that the problems were with an "upstream provider."

On its Cloud Service Status page, Accent said on Tuesday that the "upstream provider continues to acknowledge the DDoS attack has returned to their network however we are seeing a very limited impact to inbound calling for our services." 

"Mitigation steps are being put in place to route inbound phone numbers around the upstream carrier the impact to service grows. We will continue to monitor the situation and update the status as appropriate," Accent wrote. 

A source, who asked to have their name withheld, told ZDNet on Monday that their customers were having major problems with their ported phone numbers and that they could not make any changes like forwarding phones. 

The company is a downstream reseller of products hosted by Bandwidth and said they knew of a major telecommunications company that "was in emergency mode" due to the situation with Bandwidth. 

Just a few weeks ago, Canada-based VoIP provider VoIP.ms said it was still battling a week-long, massive ransom DDoS attack. The REvil ransomware group demanded a $4.5 million ransom to end the attack. 

Recent reports have said DDoS attacks are becoming more frequent, more disruptive and increasingly include ransom demands. 

Cloudflare said last month that its system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded.

Editorial standards