Detailed update on our recent downtime

On Saturday 7th of June 2014, from 4pm GMT, we experienced downtime for several hours due to a DDoS-attack. We want to let you know what happened and how we handled the issue. Be assured that your personal information was, and will remain, completely secure. The DDoS attack did not target any user information and only affected availability of the service.

The attack affected Deezer on all platforms and was the result of a distributed denial-of-service (DDoS), which is an attempt to make a machine or network resource unavailable to its intended users due to server overload. The first small attack was detected on Friday morning, but did not impact the service. On Saturday 7th June, at 4pm GMT a large-scale attack via a botnet (a group of compromised computers controlled by the attacker) resulted in a downtime of several hours.

As soon as we became aware of the issue we launched an investigation. We assigned 10 staff members to the incident and worked to get the service back up, fuelled by a winning mix of adrenalin and pizza. The method of attack was quickly identified and actions were taken to minimise the impact on the service. We regularly adapted solutions to the changing methods of attack. New protective measures (filters to distinguish between normal incoming traffic and flooding traffic from the attack) were set up by our team, and the attacks finally stopped around 12:22am GMT.

Deezer has been up and running ever since, despite further DDoS attempts on Saturday night, and during the day on Sunday.

We apologise for any inconvenience. We’re continuing to investigate and are working hard on countering this type of attack in the future, by strengthening our security systems and servers.

Finally, we would like to thank you for your kind messages and tweets of encouragement!

Daniel Marhely
Deezer Founder