Secure webmail outfit ProtonMail is still fighting against a sustained DDoS attack that has left its service largely unavailable since Tuesday.
In a statement posted to a hastily erected blog site, ProtonMail said the powerful attack by unknown parties has also inflicted collateral damage on third-party organisations.
The attackers began by flooding our IP addresses. That quickly expanded to the data centre in Switzerland where we have our servers. In the process of attacking us, several other tech companies and even some banks were knocked offline temporarily.
Despite our best efforts, we have been unable to stop the attack but we are working non-stop to get back online.
Even though access is limited, an important thing to note is that our core end-to-end encryption holds strong and is 100 per cent untouched. All user data is fine and safe.
The motives, much less the perps behind the attack, remain unclear. ProtonMail is using its official Twitter feed to provide status updates.
It used this channel to reassure customers that their “data is secure and untouched”, even though access to its site is “unlikely”, before confirming on Thursday morning that its was under renewed attack.
ProtonMail offers a webmail system designed by boffins and CERN to withstand surveillance by the world’s intelligence agencies.
Since launching in 2013 the service has signed up around 500,000 users. ProtonMail added native web and mobile app support for Pretty Good Privacy (PGP) back in September.