Bluesky DDoS attack causes intermittent outages across app and site
Bluesky DDoS attack disrupts app and site since April 15, 2026, causing intermittent outages to feeds, search and notifications; company says no data breach.
Bluesky’s website and mobile app have been intermittently disrupted since April 15, 2026, after the company attributed service degradation to a sophisticated Distributed Denial-of-Service (DDoS) campaign. The Bluesky DDoS attack has produced slow loads, error messages and partial feature outages that have affected feeds, search, threads and notifications for many users. Company posts and on-platform status messages described an intense mitigation effort that continued through the night and into the following day.
Bluesky attributes outages to a sophisticated DDoS campaign
Bluesky publicly confirmed the cause as a sophisticated DDoS attack that began on April 15 at about 8:40 p.m. ET and intensified the next day. Chief operating officer Rose Wang and the company’s official account posted updates saying the attack was flooding services with excessive traffic and causing intermittent interruptions. The company emphasized that DDoS incidents aim to overwhelm infrastructure rather than to extract data, and said its teams were focused on blocking malicious traffic and stabilizing systems.
Chronology of the disruption and company updates
Initial reports of intermittent outages arrived late on April 15 and continued through April 16, when Bluesky posted an account-level update describing the ongoing mitigation work. The company’s status page and status account were the primary channels used for updates, though the network’s status page itself experienced availability problems during the incident. Bluesky said it would provide a subsequent update by 1 p.m. ET on Friday, April 17, 2026, while engineers continued to monitor and respond to evolving traffic patterns.
User experience: errors, rate limits and slow loads
Users reported a patchwork of symptoms, including slow loading times, error screens when visiting profiles, and messages noting “Rate Limit Exceeded” for high-traffic feeds. Popular sections such as Discover and the official Bluesky Team feed were especially prone to intermittent failures, even while many users’ personal feeds remained accessible. These mixed symptoms are consistent with traffic-shaping and mitigation measures providers often deploy during DDoS incidents to preserve core functionality while isolating attack vectors.
Company stance on data security and scope of impact
Bluesky has stated it has found no evidence of unauthorized access to private user data during the disruption, reiterating that DDoS attacks do not inherently entail data breaches. The company also acknowledged the operational impact on services and confirmed engineering teams were working with infrastructure partners to filter attack traffic. Observers note that while DDoS campaigns typically don’t exfiltrate information, the immediate business and usability effects can be severe for a small or medium-sized social platform.
Migration pressure and effects on AT protocol communities
Alternative communities built on the same AT protocol, including Blacksky and several independent instances, reported increased traffic and a “significant spike” in migration requests from Bluesky users. Those independent services, which operate their own infrastructure, remained functional while the Bluesky-hosted network experienced interruptions. Several AT-powered community founders and developers publicly promoted their services as migration options, contributing to elevated registration and onboarding volumes across the wider ecosystem.
Operational response, communications and public signals
Bluesky engineers reportedly worked through the night to mitigate the attack, and staff posts indicated a hectic response environment as mitigation measures evolved. The company’s communications were pragmatic but uneven: users noted a typo on the status feed and intermittent failures of the status page, which complicated visibility into remediation steps. Bluesky directed inquiries to the status account and page and declined to provide a firm time to full restoration beyond the scheduled update window, citing active mitigation work and shifting attack dynamics.
The incident highlights an operational challenge for decentralized social networks that rely on a mix of central services and federated communities. While some AT-powered instances remained available, the outage on Bluesky’s main infrastructure created friction for users and prompted migration interest that may accelerate traffic patterns across the protocol. As engineers continue to filter malicious traffic and restore consistent service, users should expect intermittent availability and rely on the company’s status channels for official updates.
