Posted on November 9, 2021 at 3:49 PM
Bandwidth Says It Lost Nearly $12 Million Due To A DDoS Attack
Global enterprise cloud communications company Bandwidth.com released its financial results for the third quarter of the year. However, in another report, the firm admitted that it lost nearly $12 million to a DDoS attack this year.
The financial report showed that Bandwidth still surpassed its earnings projections, although the attack caused a $700,000 drop-in its revenue for Q3.
The firm explained the attack in a document filed to the SEC on October 26, showing a decrease in revenues from customer credits and transaction volume.
Bandwidth also noted that it lost some customers after the attack. However, many of them have indicated interest to return to the firm after assuring them of better DDoS protection. The executives also stated that no ransom was paid to the hackers to address the incident.
The Outages Affected Other VoIP Vendors
Chief Executive Officer of Bandwidth, David Morken, confirmed in September that the platform suffered outages following a DDoS attack. The outages also affected other VoIP vendors like Phone.com, DiaPad, Twilio, and RingCentral. At the time, Bandwidth told customers that the issue was coming from an “upstream provider.”
An insider, who wanted to remain anonymous, said customers were having serious issues with their ported phone numbers. They were also experiencing challenges making changes such as forwarding phones. The DDoS attack on Bandwidth caused one of the vendors to remain in “emergency mode”, causing untold difficulties for the customers. The source said the affected company was a reseller of products hosted by Bandwidth.
Attack Caused Little Damage To Q3 Revenues
The company noted that the DDoS attack caused the platform to remain out of service for several days. However, it didn’t do much to have any heavy impact on Bandwidth’s successful quarter.
“I am proud of our team’s performance to combat a series of sophisticated DDoS attacks aimed at Bandwidth,” Morken stated.
He added that the company’s revenue for the third quarter of the year exceeded the projections despite the financial loss suffered from the attack.
Morken also said the company assisted its customers to divert traffic from its platform to reduce the impact of the attack on their businesses. As soon as the attack was discovered, Bandwidth’s DDoS mitigation protocols kicked in to make sure the impacts on the platform and its customers are minimal.
He added that the impact of the attack may not be visible in the third quarter, a top-line impact of the incident may be very visible during the fourth quarter.
Nevertheless, Morken reiterated that Bandwidth is more secure than before and will continue to offer more protection to customers against such attacks in the future.
Bandwidth Pushes On Despite The Setback
One of Bandwidth’s largest customers signed a contract extension for global service in the third quarter, which has helped to boost the company’s revenue.
Bandwidth said the deal was possible after the global reach is achieved with the acquisition of Voxbone. the testing of voice and messaging has already begun in the fourth quarter and the company expects to boost its revenues from the acquisition starting from the first quarter of 2022.
Bandwidth stated that it has put the setback caused by the DDoS behind, and has already improved the strength of its security to prevent further attacks in the future.
DDoS Attacks Rising Over The Past Few Months
There has been an increasing number of DDoS attacks on organizations over the past few months. According to researchers at Cloudflare, more DDoS attackers are now launching attacks on VoIP service providers than ever before. The researchers say they discovered record-setting HTTP DDoS attacks on organizations.
VoIP.ms, a Canada-based VoIP provider, announced that it suffered a massive DDoS attack that lasted for one week earlier this year.
The notorious REvil ransomware gang claimed responsibility for the attack and demanded $4.5 million as ransom to stop the attack.
According to a report by BleepingComputer, the DDoS attack affected its domain name service (DNS) infrastructure. Days after the attack was discovered, the company’s website remained unreachable, which shows the level of complexity of the attack.
VoIP, which claims to have more than 80,000 customers in 125 countries, apologized for the attack and assured its customers of a stronger security network.
The firm also warned that the firm was still being targeted by what is called a ‘ransom DDoS attack.’ VoIP has been able to bring its networks under control as normal service has since returned. But it’s not clear whether VoIP paid the ransom or how it was able to get its systems back into normal service.
