On 2023-10-28 we experienced a DDoS attack against our platform. Our oncall team responded promptly and worked to mitigate impacts to our services. From 04:56 UTC to 06:26 UTC we experienced intermittent but significant impact to the Bitly website, Link-in-Bio pages, and redirects for custom domains with DNS A records. Some custom domains continued to see impact until 19:51 UTC when we released additional updates to our mitigation strategy. The Bitly API and links on the bit.ly domain and custom domains with DNS CNAME records continued to work throughout this period.

Additionally, during this incident our status page provider was conducting a maintenance window and experienced an outage of its own which affected our ability to communicate our investigation and response to this incident via status.bitly.com in a timely manner. At 05:55 UTC we were able to update bitly.com with some details of our incident response.

We apologize for the inconvenience this outage may have caused and understand the impact to our customers. We place a high value on the reliability of our services and are evaluating ways to improve our ability to mitigate this type of issue. We also understand the impact and potential confusion caused by the lack of messaging during this outage. We value highly and will work to improve our ability to communicate about incidents in a timely fashion.