The maintenance has been completed successfully. The core router of our upstream provider is back online as of 00:12 AM UTC and traffic has shifted back to Helsinki. All services should be operating normally.
Thank you for your patience.

Our network has been stable since 03:51 PM UTC. The attack is continuing at a reduced intensity and is being actively reflected, with blackholing applied where necessary.

During mitigation, our upstream provider discovered a software bug in Arista EOS on their core router - a SIGSEGV crash in the flow sampling daemon that caused the flow collector to become unstable. This most likely allowed a portion of attack traffic to slip through to the upstream network, which contributed to the network downtime our customers have experienced. An emergency upgrade has been scheduled to address this.

Please be aware of the following upcoming maintenance: 7th March 2026 - 00:00 to 00:30 UTC

Our upstream provider will perform an Arista EOS upgrade on their core router in Helsinki. The maintenance is expected to take up to 30 minutes, though completion may come sooner.
Our Finland network will be unavailable for the duration of this window.

In parallel, traffic will be once again routed through our Germany filtering PoP to reflect the ongoing attack. As a result, latency to services hosted in Finland will be elevated both before and after the maintenance window - this is expected and will normalize once the attack subsides and direct routing is restored.
We apologize for the continued disruption and appreciate your understanding. Further updates will follow.

We are observing a recurrence of yesterday's DDoS attack targeting our Finland location. The attack follows the same pattern as before but at a lower volume. Our upstream provider has been notified and is already actively working to mitigate the attack.

We will continue to monitor the situation and provide updates as the mitigation progresses. Thank you for your patience.

Traffic has been successfully rerouted back to our Helsinki location and all services have returned to normal. The attack ceased approximately one hour ago and no further malicious traffic is being observed.

We want to thank our customers for their patience throughout this incident. As a follow-up, we will be implementing automated mitigation solutions to enable faster blackholing and traffic filtering in the future - minimizing the impact of any similar events on your services.

If you experience any lingering issues, please don't hesitate to reach out to our support team.

As part of our ongoing mitigation efforts, we have rerouted all traffic from our Finland location through a scrubbing PoP in Frankfurt, Germany. Active filtering is now in place and network connectivity is being restored.

The attack has since escalated to 8.4 Tbit/s and is carpet-bombing our entire /24 subnet. Despite the scale, our team and upstream provider are successfully filtering the malicious traffic.

As a result of the temporary reroute, you may notice higher latency than usual when accessing Finland-hosted services - this is expected behavior while traffic is being routed through Germany for scrubbing. Normal routing will be reinstated once the attack has subsided.

We continue to monitor the situation in real time and will post further updates as conditions change. Thank you for your patience.

Since 03:44 PM UTC, we have been experiencing a large-scale DDoS attack targeting customers in our Finland location. The attack is causing significant packet loss, increased latency and intermittent inaccessibility of customer services.

The attack volume has exceeded 7 Tbit/s and originates from a globally distributed botnet. Our network engineering team is actively working with upstream providers to mitigate the attack. Traffic filtering and rerouting measures are currently being applied.

We will continue to post updates as the situation develops. Thank you for your patience.