DDoS Attacks Strike PokerStars after ACR and PartyPoker

Written by Jennifer Newell

Last updated on August 14th, 2018

Affiliate Disclaimer Please note that some links on Legal US Poker Sites are affiliate links. We may receive a commission, at no extra cost to you, if you click through our links and make a purchase from one of our partners.

Someone has an issue with online poker. Or cyber attackers see online poker sites as prime targets. The motivation and reasoning are unclear, but online poker sites have been the target of multiple recent DDoS attacks over the past week.

PokerStars was the latest victim of a DDoS attack that started on Sunday, August 12, the busiest day of the poker week for any poker site but specifically the largest one in the world. And it certainly worked to take down the site for players in most parts of the world, as they were repeatedly disconnected from the site and not allowed to log back in.

After PartyPoker and Americas Cardroom both fended off attacks – one more successfully and handily than the other – just last week and into the weekend, PokerStars is in the midst of its own fight.

Days of Continued Attacks

As a typically busy Sunday played out on PokerStars, the site’s servers began experiencing problems. Players were disconnected from tournaments across the board, including the Sunday Million, and their chip stacks were blinded down, and it took some time for PokerStars to figure out the issue.

Please accept our apologies as we are currently experiencing technical issues. We are currently working on it and our services should be restored as soon as possible.

— PokerStars (@PokerStars) August 12, 2018

Eventually, PokerStars determined the extent of the problem and paused all of its tournaments. While players continued to express their frustration on Twitter and forums like Two Plus Two, the operator tried to pinpoint the exact problem and repair it, all while handling customer service duties and figuring out how to restart the system.

Several hours later, PokerStars posted an apology on Twitter and stated that the problem was resolved. But as players were receiving their refunds per the standard policy, many were complaining that they deserved refunds for the past hours. Frustration abounded.

Our technical issues have now been resolved. Apologies to all affected players. While some refunds were made in accordance with our cancellation policy (available here https://t.co/FZ0J6tgTkI) we will evaluate whether additional refunds are necessary following our review.

— PokerStars (@PokerStars) August 12, 2018

Not all countries were affected, however. Per Pokerfuse, the markets of Belgium, Bulgaria, Romania, and the Czech Republic not only remained connected, those players benefited from taking chips from the disconnected players in other markets.

Meanwhile, Monday began with continuing to resolve the player refund issues until more disconnections occurred. Another wave of the attack – or a fresh attack – prompted PokerStars to pause the tournaments yet again.

We are currently experiencing a large volume of disconnections. All tournaments have been paused and will be cancelled or rolled forwards according to the formulas listed here: https://t.co/r2mtIaOEmh. We apologise for the inconvenience caused.

— PokerStars (@PokerStars) August 13, 2018

And even more troubles appeared hours later in another wave. Finally, however, it seemed that PokerStars was able to stop the attacks, albeit with the caveat that updates will be provided should more problems occur.

All our tournaments are back up and running. We are continuing to monitor the situation and will provide updates as quickly as possible.

— PokerStars (@PokerStars) August 13, 2018

As of Tuesday morning, there hadn’t been any updates for 16 hours, and calm seemed to have prevailed. The site planned to complete all player refunds within 72 hours.

Why Poker, DDoS?

A distributed denial of service (DDoS) attack is a virtual form of assault on a specific website or web server. Since it comes from various sources, it prevents the victimized company or operator from simply locating the source of the attack and blocking it. The time it takes to stop such a multi-faceted attack hurts the business.

And for a business like an online poker site, it creates layers upon layers of problems. It’s not as simple as reimbursing players for the amount of chips they possessed upon their disconnections. Tournaments are more complicated, as players build equity and momentum with big prizes at stake. And on a Sunday during peak tournament time, there could be thousands to tens of thousands of players in action at any given time.

Most operators victimized by DDoS attacks don’t provide follow-ups after the problems have been resolved. Of course, it would be difficult to determine the motive of such attacks, especially when the source is rarely pinpointed, but some DDoS events are paired with blackmail notes asking for ransom. Whether this happens in the case of online poker sites will likely remain unknown as companies like PokerStars are not prone to divulge such information.

For a week’s worth of attacks on several sites – both publicly-traded and independent, regulated and unregulated – it is even more difficult to seek a motive. And since the sites are not likely to communicate with each other, it’s also impossible to know if the attacks were perpetrated by the same hackers.