Cyber Incident Victim: Square Enix Co., Ltd.

Date: Jun 2017

Location: United States of America

Summary

A major online game provider experienced DDoS attacks targeting its North American servers, which were initially mitigated through in-house defenses, minimizing service disruptions. Subsequently, attackers shifted focus to the upper-tier internet providers essential for data center connectivity, causing intermittent login disconnects. This required collaboration with the affected ISPs to implement additional countermeasures, which partially alleviated the issues, though further attacks remained possible.

Description

In mid-June 2017, Square Enix confirmed that third-party actors launched distributed denial-of-service (DDoS) attacks targeting the North American data center hosting FINAL FANTASY XIV game servers. The company initially mitigated these attacks through defensive measures implemented at their own facilities, successfully minimizing service disruptions for players during this early phase. Attacks persisted throughout June without significant degradation of gameplay connectivity, as Square Enix's infrastructure absorbed the impact through localized countermeasures. This containment strategy maintained relatively stable server operations despite the ongoing malicious activity directed at their network resources.

By July 2017, attackers shifted tactics to target upper-tier internet service providers (ISPs) critical for routing traffic to the game servers rather than directly attacking Square Enix's infrastructure. This strategic pivot caused intermittent communication failures between players and the NA data center, manifesting as sudden disconnections during login attempts and gameplay sessions. Square Enix acknowledged their inability to unilaterally resolve these ISP-level attacks and established coordinated defenses with the affected telecommunications providers. The ISPs sequentially implemented protective measures that reduced attack effectiveness, though the company warned that recurrence remained possible. Service interruptions diminished following these collaborative mitigation efforts, but Square Enix maintained vigilance through continued ISP partnerships and infrastructure monitoring. Player experiences improved gradually as network stability returned, though the attacks underscored vulnerabilities in upstream dependencies beyond the company's direct control.
