DDoS attack cost Bandwidth.com nearly $12 million

While the VoIP company still beat its earnings projections, the attack caused a $700,000 dent in revenue for Q3.

VoIP giant Bandwidth.com reported its third-quarter earnings on Monday, bringing in a revenue of $131 million. But the company noted in another release that a recent DDoS attack will end up costing them "between $9 million and $12 million" for the full fiscal year. 

While the company still beat expectations for Q3, the financial cost of the attack -- which was first reported by The Record -- illustrates how much damage DDoS incidents can cause. 

The company filed a document with the SEC on October 26 explaining that the attack caused a "decrease of approximately $700,000 in third quarter 2021 revenue from lost transaction volume and customer credits." 

"Based on preliminary usage data and currently known information, the company estimates that the impact of the DDoS attack may reduce CPaaS revenue for the full year of 2021 by an amount between $9 million and $12 million, inclusive of the aforementioned $0.7 million revenue impact in the third quarter," the company said in a filing. 

On an earnings call on Monday, Bandwidth said many of the customers who left the company after the attack have already indicated they may return, and executives noted that they did not pay a ransom to address the attack. 

In September, Bandwidth CEO David Morken confirmed that it was suffering from outages after reports emerged that the service was dealing with a DDoS attack.

Other VoIP vendors like Accent, RingCentral, Twilio, DialPad, and Phone.com were experiencing outages and telling customers that the problems were with an "upstream provider." 

A source, who asked to have their name withheld, told ZDNet that their customers were having major problems with their ported phone numbers and that they could not make any changes like forwarding phones. The company is a downstream reseller of products hosted by Bandwidth and said they knew of a major telecommunications company that "was in emergency mode" due to the situation with Bandwidth.

While the attack caused outages for days and the company reported its expected losses, Morken said it had little impact on its successful quarter. 

"I am proud of our team's performance to combat a series of sophisticated DDoS attacks aimed at Bandwidth and our industry. Despite the impact from the DDoS attack at the end of September, our revenue results for the third quarter exceeded our guidance," Morken said.

"Consistent with our ethos to do the right thing for our customers, we helped some of our customers divert traffic from our platform during the attack to mitigate impacts to their businesses. While that traffic is beginning to come back, we believe we will see a top-line impact of that lost volume primarily in the fourth quarter. We believe we are now stronger than ever and are focused on serving our customers." 

Multiple VoIP companies reported DDoS attacks over the last few months, and Cloudflare researchers said they saw several "record-setting HTTP DDoS attacks," noting the emergence of ransom DDoS attacks on VoIP service providers.

Canada-based VoIP provider VoIP.ms said it battled a week-long, massive ransom DDoS attack earlier this year. The REvil ransomware group demanded a $4.5 million ransom to end the attack.