Bluesky attributed ongoing service disruptions to a sophisticated distributed denial-of-service attack Friday. The company said it found no evidence of unauthorized access to user data.
Bluesky's website and mobile app continued experiencing outages Friday, with the social network attributing the problems to an active cyberattack. Chief Operating Officer Rose Wang disclosed the DDoS attack as the cause behind the service interruptions.
A distributed denial-of-service (DDoS) attack floods a target system with traffic to overwhelm its infrastructure and render services unavailable. These attacks do not typically compromise stored data or user information.
Bluesky confirmed that despite the ongoing technical issues, investigators have not identified any unauthorized access to private user data. The company did not provide additional details about the attack's scope, duration, or the specific systems affected.
The outages mark a significant service disruption for the Jack Dorsey-backed alternative to X, which has grown substantially since its public launch. The platform has attracted hundreds of thousands of users seeking different content moderation policies and governance structures.
Bluesky did not specify a timeline for full service restoration or provide updates on defensive measures being deployed to mitigate the attack. The company also did not disclose whether it engaged external cybersecurity firms or law enforcement agencies.
DDoS attacks have become increasingly common against prominent technology platforms. Threat actors employ these techniques to disrupt services, test defenses, or make political statements. The sophistication level can range from unsophisticated attacks using readily available tools to complex operations involving compromised networks across multiple countries.
Users have reported difficulty accessing Bluesky's services throughout the day, with some experiencing complete unavailability while others encountered slowdowns. The platform's status page reflected the ongoing incidents.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.