Bluesky outage caused by DDoS what happened

Bluesky blames coordinated DDoS for service outages

Bluesky reported that a sophisticated denial-of-service (DDoS) attack was responsible for continuing app and website outages. The company had previously described the situation as systems down in a “regino” (region) while investigating an incident.

In the update, Bluesky said it had identified the DDoS as the cause of the disruption and that there was no evidence of unauthorized access to private data. That distinction is important: DDoS attacks are designed to overwhelm availability (making services slow or unreachable) rather than to directly steal credentials or data.

The outages manifested in typical user-facing ways—feeds failing to load, notifications disappearing, and the app sometimes not working at all. Those symptoms line up with traffic flooding or resource exhaustion, where legitimate users can’t reach servers or requests can’t be processed.

Why it matters for users and operators

A DDoS-heavy incident tests two parts of platform reliability:

• Availability protections (capacity, rate limiting, scrubbing, and traffic filtering).
• Incident communication (how quickly the operator explains cause and whether data was accessed).

Bluesky’s statement that no unauthorized access was found helps narrow the risk profile to availability rather than confidentiality.

What to watch next

• Whether Bluesky can sustain service stability after the attacker stops.
• Whether the company describes any longer-term changes to mitigation.

The key takeaway is that the problem wasn’t framed as a data breach but as an availability attack, with the platform working through recovery while mitigation runs.