Decentralized social media platform Bluesky experienced significant service disruptions following a sophisticated distributed denial-of-service (DDoS) attack that targeted its systems, leading to intermittent outages and degraded performance across the platform.
The attack began around April 15, 2026, and intensified over time, impacting core features such as feeds, notifications, threads, and search functionality. Users reported frequent errors, slow loading times, and temporary inaccessibility as the platform struggled to handle the surge in malicious traffic.
Bluesky confirmed that the disruption was caused by a “sophisticated Distributed Denial-of-Service (DDoS) attack,” noting that its teams worked continuously to mitigate the impact and restore stability. Despite the severity of the incident, the company stated that there was no evidence of unauthorized access to user data.
While the company has not officially attributed the attack to any specific actor, a group known as “313 Team,” reportedly linked to pro-Iran hacktivist activity, has claimed responsibility. However, these claims have not been independently verified.
The disruption appears to have lasted for roughly 24 hours, although mitigation efforts helped stabilize the platform even as attack activity continued in the background. Bluesky emphasized that its decentralized architecture helped limit the overall impact, with some independent services built on its protocol remaining functional.
