GetResponse CEO Statement Regarding the DDoS Attack (UPDATED)


UPDATE – Great news: We have managed to restore our outbound mailing capability. All emails that have been scheduled in the past days will now be sent; however, it may still take up to several hours in order to provide the best possible deliverability.

Newly scheduled emails may have a bit longer delivery time as we are dealing with a quite large volume of emails that were scheduled in the past few days.

If you have any questions about your newsletters or account, please contact our Customer Service Department at (GetResponse 360 customers, please contact your Account Managers).


Dear GetResponse Customer,

As you may know, GetResponse has had a pretty rough weekend… We suffered a major outage caused by a DDoS (distributed denial of service) attack on an unprecedented scale, which has flooded our network and our data center (Windstream) with malicious traffic.


What happened?

On Saturday, after hours of working together with our data center Windstream (including their directors and VP-level executives), we received information that they had failed to mitigate the attack and of their decision to block our network connectivity until a powerful DDoS mitigation service can be fully implemented.

When GetResponse went down, the morale of the GetResponse community didn’t. We saw an amazing display of support and we would like to thank our customers for rooting for us.



What’s the current status?

We brought many of the services back online on Sunday (websites, web subscriptions, API, web forms, surveys, landing pages). We had another attack on Monday, but we fully mitigated it, with no downtime, thanks to our new mitigation solution.

We are still working on resolving the issues with email delivery and anticipate having a complete resolution within the next couple of days. We are literally working on this around the clock, with involvement of VP-level executives from our data center and DDoS mitigation partners.


What is GetResponse doing to mitigate the attacks?

Over the last 15 years we have repelled many DDoS attacks using our infrastructure. More recently, we employed the CloudFlare Enterprise solution that has helped us to deal with previous attacks in March and April. Unfortunately, the scale of last weekend’s attack has been so huge that it overran our current mitigation solution, and we needed to come up with a new plan.

After a conference call with our data center, within minutes we got in touch with Akamai, the world’s leading DDoS mitigation provider, with 1.8 Tbps mitigation bandwidth. We asked them to deploy an “always on” clean-pipe DDoS scrubbing service for GetResponse. This is the most advanced type of protection available on the market (also the most expensive). It scrubs all inbound traffic for malicious packets of data and returns only “clean” traffic to our data center.

In total, we are spending close to half a million dollars in mitigation solutions, hardware, connectivity and other upgrades.


Why was GetResponse attacked?

This wasn’t the first attack that GetResponse has encountered recently. We endured several other attacks in March and April. And we weren’t alone…

Over the last two months this criminal has targeted many other large Internet companies, putting them offline as a consequence. These include Meetup, Shutterstock, MailChimp, Fotolia, Basecamp, oDesk, SurveyGizmo, MadMimi, OkCupid, HootSite, Typepad, Elance, Aweber and others. It is unfortunate, but these types of attacks are becoming much more frequent in today’s environment.

Why would anyone attack well-meaning companies, disrupting their business?

This email explains it all:

Subject: DDoS attack, warning

I don’t have to explain myself anymore. I will stop the attack for 1.2 Bitcoin (≈ $750).

Your network will be safe from further attacks coming from several botnets, think twice before making your final decision, as even the best global DDoS mitigation won’t be able to handle easily the incoming new Amp. methods.

Let me know if you are interested in my offer.

We weren’t interested, and won’t ever be, even if they continue to attack us. The low “offer” ($750) was just bait, and we know they’d come back for more. Paying would only encourage them to attack other companies. Besides, we are confident that we can protect ourselves in the future with the mitigation plan we’ve put in place. But above all, paying criminals is simply the wrong thing to do.

I sincerely apologize for this outage. We care about you, our customers, and we know that you rely on us to get your emails out to the world. Since the attacks, we’ve been working day and night to get the mitigation in place.

I thank you for your trust, your support and your loyalty during these difficult moments.


Simon Grabowski




PS.: If you have any questions about this issue, please contact our Customer Service at (GetResponse 360 customers, please contact your Account Managers).