Distributed Denial of Service (DDoS) attacks have unfortunately become a fact of life in online poker. While they are not a regular occurrence in the industry, they do happen often enough where they are expected. How they affect the poker sites all depends on the intensity of the attack and the effectiveness of the site’s defenses. Late last week, partypoker was the latest victim of a DDoS attack.

The troubles began on Thursday, August 9th in the late afternoon ET, which would put it generally in the prime poker playing time in Europe. Party initially acknowledged the situation publicly at 4:12pm ET, tweeting, “We are aware of ongoing issues I can assure you our team are doing their very best to resolve and resume normal service. We apologise for the inconvenience and will update you all once resolved in full.”

To backtrack a moment, let’s explain what a DDoS attack is. With a poker site, communication requests are going back and forth between the servers and the players’ computers. These requests are what you would imagine: things like player actions (bet, raise, fold, etc.), chip movement, card deals, and more. In a DDoS attack, the attacker floods the poker site with bogus communication requests, so many and at such a steady rate that the server can’t keep up.

Sites have security measures in place to block attacks, but a successful DDoS attack overwhelms the gatekeepers. So many requests are sent that the security measures have trouble weeding out the shitty ones from the legitimate ones. And the “distributed” part means that the attack is coming from many different sources, so it is difficult to figure out which figurative doors to lock.

The end result is that players get booted from tables, have trouble logging in, tables lag, hands freeze, a general shitshow ensues.

A couple minutes after that first tweet, partypoker announced that it was, in fact, a DDoS attack that was causing issues, saying, “Apologies for the technical difficulties, we are working to rectify, the site has been targeted with a DDoS attack from third parties. We hope to resume normal business very soon and will keep you updated. Thank you for your patience.”

Partypoker tweeted close to 5:00pm ET and nearly an hour after that, still saying that the tech/security team as working on the problem and that refunds (for tournament entries and cash game hands that were borked, for instance) would be refunded on Friday.

At 10:00am ET on Friday (afternoon in Europe), partypoker said that some players were still experiencing issues and by about quarter to eleven, it announced that everything was fixed. Problem was, not everything was fixed. At about 1:00pm and even into Saturday morning ET, partypoker tweeted that a limited number of players were still dealing with lingering DDoS problems. In a follow-up tweet, the poker room added that refunds were taking longer than expected because of the extent of the problems.

On April 10th, partypoker Managing Director Tom Waters posted an apology for the situation on the partypoker blog, saying, in part:

The unfortunate events of 9 August were understandably frustrating for our players. After consideration, the decision was taken to pause and then subsequently cancel all affected tournaments.

Our team worked hard to try to resolve the key issues. As poker players ourselves, we fully understand how frustrating it can be when an online poker room suffers technical issues, and we fully appreciate the considerable patience and understanding shown by our players in light of these difficulties.

Leave a Comment

Your email address will not be published. Required fields are marked *