Cyber Incident Victim: Linode
Date: Sep 2016
Location: United States of America
Summary
A cloud hosting provider experienced multiple distributed denial-of-service (DDoS) attacks targeting its infrastructure across several data centers, including Singapore, Atlanta, and Tokyo. The attacks varied in duration, with some lasting up to eight hours, though mitigation efforts typically resolved incidents within thirty minutes. Impacts included degraded performance affecting APIs and certain data center operations. The provider successfully defended against all attacks using enhanced mitigation tools, demonstrating improved resilience compared to a prior major incident. Over a short period, the company faced approximately ten separate DDoS incidents, indicating a sustained campaign against its services.
Description
Linode experienced a series of distributed denial-of-service (DDoS) attacks throughout early September 2016, with confirmed incidents occurring on September 2, September 4, and multiple attacks on September 5. These disruptions continued with another wave on September 10, marking at least ten separate attacks during the first ten days of the month. The attacks varied in duration, with some persisting for up to eight hours while others were shorter-lived – notably, an attack on the Tokyo data center lasted only ten minutes. Primary targets included three data center locations: Singapore, Atlanta, and Tokyo. During these events, Linode documented degraded performance affecting both application programming interfaces (APIs) and entire data center operations. The company's status logs indicated that engineering teams consistently detected and mitigated attacks within approximately thirty minutes of onset.

Linode's response demonstrated improved defensive capabilities compared to its prolonged ten-day outage during January 2016. The cloud provider employed specialized anti-DDoS tools that enabled rapid attack deflection, though recurring assaults still caused intermittent service degradation. While all attacks were successfully mitigated without complete service outages, the repeated incidents necessitated ongoing operational adjustments. The September 10 attacks specifically impacted weekend operations across multiple geographical regions simultaneously. Technical staff maintained transparency through service status updates that documented attack durations, affected infrastructure components, and restoration timelines without disclosing specific mitigation techniques or attacker origins. This incident series highlighted persistent targeting of Linode's infrastructure while demonstrating the company's enhanced capacity to limit attack durations compared to previous major incidents.
