Cyber Incident Victim: Daybreak Games
Date:
Jul 2015
Location:
Finland
Summary
Daybreak Games experienced a distributed denial-of-service (DDoS) attack by the Lizard Squad hacker group following public threats made by its CEO against a convicted member of the group. The attack disrupted access to online games, forums, and websites, causing persistent connectivity issues, lag, and disconnects for users. This incident occurred after the company executive openly contemplated legal action against the hacker, highlighting operational vulnerabilities to retaliatory cyberattacks. Service interruptions continued intermittently despite initial recovery efforts, affecting multiple platforms under the organization's management.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On July 10, 2015, Daybreak Games experienced a Distributed Denial of Service (DDoS) attack targeting its online games, forums, and websites following public threats exchanged between company president John Smedley and convicted Lizard Squad hacker Julius Kivimaki. The conflict originated when Smedley, former Sony Online Entertainment chief and current Daybreak president, publicly threatened Kivimaki on Twitter regarding potential civil litigation against the hacker and his parents. This occurred after Finnish authorities declined to imprison Kivimaki despite his involvement in over 50,000 hacking convictions. The DDoS attack commenced shortly after these threats, causing widespread service disruptions affecting games including Planetside 2. Initial reports indicated the attack subsided within hours, but Daybreak's official Twitter account subsequently confirmed ongoing connectivity issues characterized by player disconnections, server lag, and intermittent inability to access game servers or company web properties.
Daybreak Games responded to the incident through real-time public communications via Twitter, acknowledging the technical problems and confirming their technical team's awareness of the situation. The company provided no detailed mitigation timeline or technical specifics about the attack vectors beyond confirming it as a DDoS incident. Smedley expanded on his position through a Reddit comment expressing personal frustration with Kivimaki's legal immunity, though the statement's full text was truncated in the source material. Service disruptions persisted intermittently throughout the incident period, directly impacting player access to multiple game titles under Daybreak's management. The attack occurred against a backdrop of existing cybersecurity challenges faced by the company, though no comparative metrics regarding attack duration or severity relative to prior incidents were provided in the source material. Public discussion highlighted broader concerns about legal systems' capacity to address cybercrimes effectively given the attacker's documented history of malicious activities without resulting incarceration.