At 02:05 UTC June 2nd, CCP became aware of a significant and sustained distributed denial-of-service attack (DDoS) against the Tranquility cluster (which houses EVE Online and DUST 514) and web servers.
Our policy in such cases is to mobilize a taskforce of internal and external experts to evaluate the situation. At 03:07 UTC, that group concluded that our best course of action was to go completely offline while we put in place mitigation plans.
While we initially reopened EVE Online and DUST 514, at 14:51 UTC we became aware of additional information that led us to re-evaluate our decision. With the highest sense of precaution we took the decision to take Tranquility and associated websites back down for further investigation and an exhaustive scan of our entire infrastructure.
What we can now confirm is that a person was able to utilize a vulnerability in one of the back-end services that support the operation of the Tranquility server. This vulnerability has now been secured and thoroughly tested.
We would like to stress that at no time was customer data compromised or accessible in any way.
The effort of returning the complex server structure of the EVE Universe and associated websites to service in a methodical and highly-scrutinized fashion began hours ago and Tranquility has now been brought online (at 10:13 UTC). Our teams will monitor the situation carefully in the coming hours to ensure that our services are accessible and that all customer data remains secure.
We will be looking at ways to compensate players in both EVE and DUST for the outage and expect to announce what that compensation will be very soon.
We would also like to take this opportunity to thank all of our players on EVE Online and DUST 514 for their patience and understanding during this unexpected downtime and the investigation. We are grateful for your support, as always.
Regards,
Jón Hörðdal Jónasson,
Chief Operating Officer
CCP