DDoS Attack Knocks Ancestry.com Offline

Ancestry.com, the global leader in family online history, and genealogy with 2+ million members was knocked offline for two days, starting on Monday. The company spokeswoman Heather Erickson said that bogus traffic flooded their servers, and their servers couldn’t keep up. In a published statement, she said “this has been a very frustrating and overwhelming experience, and our teams have been fantastic, working around the clock to make it neutralized.” And that “these types of attacks aren’t unique to Ancestry.” What I find interesting is that Ancestry.com was acquired a couple of years ago for $1.6B by a large European Private Equity firm. This begs the question, if Ancestry has experienced DDoS attacks in the past, why aren’t they using a CDN and a DDoS Mitigation service, especially since money is not the issue? I’m sure the DDoS attack was a multi-vector attack with all the bells and whistle, but its nothing a Prolexic like service can’t handle.