Cyber Incident Victim: Typepad

TypePad experienced multiple distributed denial-of-service (DDoS) attacks in April and May 2014, causing extended service disruptions. The first confirmed attack occurred in April, lasting nearly five days with intermittent outages. SAY Media, TypePad’s parent company, characterized this attack as similar to one targeting Basecamp and involved third-party mitigation services CloudFlare and Fastly to restore operations. During the April incident, attackers issued a ransom demand after disabling services, a pattern consistent with other DDoS campaigns against companies like Meetup and Basecamp. SAY Media confirmed cooperating with the FBI regarding the ransom note but did not disclose technical specifics of the attack or the demanded amount.

On May 19, 2014, TypePad reported another outage starting at 6:00 AM PT, initially attributing it to a renewed DDoS attack. Engineering VP Paul Devine stated the company was again collaborating with CloudFlare and Fastly, expressing confidence the disruption would be short-lived. However, the company acknowledged uncertainty about the root cause during early investigations, leaving open the possibility of a non-malicious network failure. By mid-morning, partial service resumed for some blogs, but www.typepad.com remained inaccessible, displaying only CloudFlare’s cached "Always Online" version. SAY Media’s corporate site (www.saymedia.com) loaded slowly but exhibited a "fatal error" message. The incident impacted SAY Media’s portfolio of hosted blogs, including ReadWrite, xoJane, and Fashionista. No new ransom demands were confirmed in the May event, though the company faced criticism for recurring outages and insufficient transparency with customers regarding attack frequency and root causes.