Between November 4-6, Runbox experienced powerful DDoS attacks by a group calling themselves “Armada Collective”. Other security oriented email services such as ProtonMail, Hushmail, and Neomailbox were also attacked, as recently reported by Forbes.
The initial threats and attacks that attempted to extort money were withdrawn by the attackers on Saturday morning, when they offered an apology.
During the attacks we were focused on coordinating with our partners, putting in place countermeasures, and providing our customers with necessary information. Since the situation was unclear and evolved quickly, we decided to not publish any details that could inform the attackers in any way.
The situation is now under control and we are publishing this summary of the events as it may help shed light on what transpired against both Runbox and the other services that were attacked.