DataTables CDN Outage – post incident review
17 hours ago
- #domain-hijacking
- #cybersecurity
- #open-source
- Major outage on DataTables.net due to a domain hijacking attack on 29th July 2025.
- Attack involved transferring the domain to an attacker's account via social engineering, not a server breach.
- Services were disrupted, including the main site, support forum, and CDN, but user data and source code remained safe.
- The attacker flooded an old email address with spam to hide the domain transfer confirmation email.
- A mirror domain (datatables-cdn.com) was quickly deployed to mitigate CDN issues.
- Domain was restored after submitting evidence of rightful ownership to the registrar.
- DNS propagation delays caused prolonged access issues for some users.
- DataTables CDN handles ~55TB of data monthly, highlighting the attack's widespread impact.
- Immediate actions included prioritizing registrar emails and criticizing default transfer timeout policies.
- Future steps include making CDN setup more accessible and enhancing security monitoring.
- Recommendations for users: use sub-resource integrity, consider self-hosting files, and be wary of email floods.