Skip to main content

DDoS Attack Update: 2026-07-10 6:40 PM
 

We want to thank our customers, partners, and employees for their patience, resilience, and continued support while we respond to the ongoing DDoS attack affecting parts of our network.

Our technical teams are working around the clock to protect services, strengthen mitigation, and restore the best possible experience for customers. Our focus remains firmly on keeping customers connected and reducing the impact wherever possible.

As part of that effort, Jenny Internet is formally escalating the incident to the telecommunications regulators and national cybersecurity authorities in every country where we operate:

  • South Africa: ICASA
  • Botswana: BOCRA
  • Lesotho: LCA
  • Eswatini: ESCCOM
  • Zambia: ZICTA
  • Mozambique: INCM

Because of the scale and international nature of the incident, we are also submitting reports and technical evidence to relevant global cybersecurity and law-enforcement organisations, including INTERPOL Cybercrime, ENISA, SAPS Cybercrime, AFRIPOL, CISA, FIRST, Shadowserver, the FBI Internet Crime

Complaint Center, Europol EC3 / J-CAT and the UK NCSC.
We will continue working with our upstream providers, regulators, cybersecurity partners and international authorities to protect our network and support our customers.

Thank you for your patience and understanding. We remain committed to doing everything in our power to keep you connected.


Kind regards,
Arnold
 

 


 

DDoS Attack Update: 2026-07-10 2:15 PM

Current Network Status: The attack volume has increased again, and some services may experience intermittent disruption.
 

Our network is currently experiencing a renewed increase in malicious DDoS attack traffic. While earlier mitigation efforts significantly reduced the impact, the attackers have increased the scale and intensity of the attack.

Our Network Operations and Security teams are actively responding and continue to work alongside our upstream partners to filter malicious traffic and maintain service stability. Additional mitigation measures are being deployed as the situation evolves.

What customers can expect:

  • Internet connectivity may be intermittent in some areas.
  • Some online services may be slower than normal while mitigation continues.
  • Network performance will continue to improve as additional protections take effect.

Important: This attack is targeting network availability only. It does not compromise your personal information, passwords, banking details, or any data stored on your devices. Your online banking, emails, and personal information remain secure. The purpose of this attack is to overwhelm network infrastructure, not to access customer data.

We understand how frustrating these disruptions are and sincerely appreciate your patience and support. Our teams remain fully engaged and will continue working around the clock until network stability has been fully restored.

Thank you for your continued patience.

Kind regards,
Arnold

 

DDoS_Attack_Update_2026-07-10_215PM

 


 

DDoS Attack Update: 2026-07-10 11:50 AM

 

Current Network Status: Stable and improving. Some services may still be intermittent.
 

We've received a number of questions from customers who are concerned that the current DDoS attack could expose their personal information or online banking.


We want to reassure you that this is not the case.

A DDoS attack is designed to overwhelm an internet network with massive amounts of traffic. Its purpose is to slow down or interrupt internet services, not to gain access to customer data.

There is no indication that customer information, passwords or banking details have been compromised as part of this incident. If you're accessing secure websites such as your bank, email, or work applications, they continue to use their normal encryption and security protections.

Our engineers continue to monitor the network closely and have mitigation measures in place while the remaining malicious traffic is managed.
Thank you for your continued patience and support.

Kind regards,
Arnold
 


 

DDoS Attack Update: 2026-07-10 11:40 AM


Current Network Status: Stable but filtering active. Specific external services impacted.
 

Our engineering team continues to work around the clock with our upstream providers and DDoS protection partners to maintain network stability while the attack remains active.
While general internet connectivity has significantly improved, the aggressive traffic filtering required to block the attack is unfortunately causing friction with certain external platforms. Because traffic is being heavily scrubbed, some secure connections, cloud registries, and streaming services are experiencing high latency, connection drops, or slower routing.
We are currently seeing the heaviest impact on the following services:

     ❌ Microsoft 365 / Teams / Outlook (Authentication delays and intermittent connection drops)
     ❌ Remote Desktop (RDP / VPNs / Anydesk / Teamviewer) (Session lagging or temporary disconnections)
     ❌ CIPC & PaySpace (Slow loading times or failed logins on portals)
     ❌ Meraki Registry (Delays in cloud management syncing)
     ❌ Discord & Crunchyroll (Voice channel drops and streaming buffering)
     ❌ Spotify (Audio buffering or difficulty connecting)

Our team is actively optimizing our filtering rules to smooth out traffic to these specific services without weakening our overall network defense.
We appreciate your continued patience and understanding while this work continues.

Kind regards,
Arnold
 


 

DDoS Attack Update: 2026-07-10 11:30 AM

 

Important Update Regarding WAKA TV Connectivity.
 

We are reaching out to provide a specific update regarding connectivity to WAKA TV on our network.

While our general optimization efforts have successfully restored stability to all mainstream, licensed streaming and internet services following the recent network disruptions, traffic to WAKA TV remains heavily restricted and will continue to be highly intermittent or blocked.

Why is this happening? Our upstream security providers and active firewall defenses have flagged WAKA TV due to a critical security compromise on their platform. Because WAKA TV operates as an unlicensed, third-party streaming service, it lacks the standard security protocols required to verify safe traffic.

Allowing unverified traffic from a compromised, unregulated platform right now poses a severe risk to our overall network integrity and, more importantly, to the security of your private data.

What happens next? To keep our network secure and defend against ongoing external threats, our strict traffic-scrubbing rules must remain in place. 

We understand this may cause inconvenience for those who utilize this platform, and we appreciate your understanding as we prioritize the absolute security and safety of your primary business and home connectivity.

Kind regards,
Arnold
 


 

DDoS Attack Update: 2026-07-10 6:40 AM

 

Current Network Status: Stable and improving. Additional mitigation steps implemented.
 

Our engineering team continues to work around the clock with our upstream providers and DDoS protection partners to mitigate the ongoing large-scale DDoS attack affecting Jenny Internet's network.

Since this morning, we have implemented additional mitigation measures that have resulted in a noticeable improvement in network stability. We are seeing more normal traffic patterns across our network, and many customers should now be experiencing improved connectivity and performance.

The attack is, however, still active. Throughout the night we have continued to see multiple attack attempts, and our mitigation measures are being continuously adjusted to respond as the attack evolves. This is an active process, and our teams remain focused on maintaining service stability while minimising customer impact.

While the majority of core services are operating normally, some customers may still experience intermittent connectivity issues, increased latency, or slower routing to certain destinations as traffic continues to be filtered and optimised.

Our priority remains:

  • Maintaining network stability.
  • Restoring full redundancy where it is safe to do so.
  • Continuously adapting our defences as the attack changes.

We appreciate the patience, support, and understanding shown by our customers during this incident. We will continue to provide updates as meaningful progress is made.

Thank you for your continued support.

Kind regards, 
Arnold

 

Network Update

 


 

DDoS Attack Update: 2026-07-09 6:15 PM


Current Network Status: Stable and improving. Active mitigation is still in progress.
 

We want to provide a quick update on our progress regarding the ongoing DDoS attack. Our technical team is still actively scrubbing the affected subnets, and we are seeing steady improvements across the network. We continue to work diligently to get all services completely restored to normal operation.

As we head into peak evening traffic hours, our team is closely monitoring the network environment in real-time. This is to ensure that the mitigation filters hold up under the increased load and that connectivity continues to run smoothly for all customers.

We appreciate your continued patience and support as we navigate the final stages of this mitigation.

Kind regards,
Bernard

 


 

DDoS Attack Update: 2026-07-09 12:30 PM
 

Current Network Status: Stable and online. Some disruption or degradation may still occur while mitigation continues.

We have observed that active scrubbing is starting to reduce the volume of malicious traffic from the ongoing Carpet Bomb DDoS attack. Traffic levels are beginning to normalise, however mitigation is still in progress and performance has not yet returned to optimal conditions.

Some customers may still experience intermittent connectivity issues, higher latency, slower speeds, or degraded performance to certain websites and online services while affected traffic is being cleaned and routed through the scrubbing platform.

Our engineering team is working around the clock with our upstream providers and DDoS scrubbing partners to clean the traffic, safely restore all required peers, and bring connectivity back to normal as quickly and safely as possible.

We appreciate your continued patience and understanding while this work continues.

Kind regards,
Bernard

 


 

DDoS Attack Update: 2026-07-09 9:10 AM
 

Current Network Status: Stable and online. Some services may still be intermittent.
 

We are currently dealing with a Carpet Bomb DDoS attack. This means the attack is being spread across many IP addresses instead of targeting only one service or server. In this case, the attack is hitting entire /24 subnets at a time. A /24 contains 256 IP addresses, and the attack is also moving across multiple subnets, which makes the scale much larger than a normal single-target DDoS attack.

The attack is targeting Jenny Internet’s network infrastructure, not customer internal systems. Customers do not need to be concerned that their own equipment has been compromised or directly targeted.

The scale of the attack is significant. When scrubbing started yesterday, we were already seeing around 300Gbps of attack traffic. The attack later increased to around 800Gbps and peaked at more than 1Tbps last night before mitigation was fully in place.

To help control this, we are using IP prefix scrubbing. This means traffic for the affected IP ranges is temporarily routed through our DDoS protection provider in London before it reaches our network in South Africa. London is a major international internet exchange point with the scale, upstream capacity, and specialist filtering infrastructure needed to absorb and clean attack traffic of this size safely.

The protection provider filters out as much of the attack traffic as possible and then sends the clean traffic back to our network. The trade-off is that any affected IP ranges being actively scrubbed have to take a longer route via London before returning to South Africa. This longer round trip can result in higher latency, slower speeds, or less efficient routing for some destinations while scrubbing remains active.

To reduce the broader network-level impact of this process, we have advertised smaller IP prefixes, known as /24s, instead of larger ranges. This allows us to apply scrubbing more precisely to only the affected portions of the network, helping to limit the impact on unaffected services and customers.

As the scrubbing starts blocking the attack traffic, the attacker may also change their attack pattern to try to get around the mitigation. This can include moving the attack to different IP ranges, changing the type of traffic being sent, or increasing the volume. Because of this, mitigation is not always instant or static; it needs to be adjusted as the attack changes.

Core services have stabilised, and most customers should now be back online. However, due to the size and spread of the attack, we may still see intermittent issues while mitigation continues. You may notice increased latency, slower speeds, or less efficient routing to specific websites and online services while affected IP ranges are being scrubbed.

Our engineering team is actively working with our upstream providers and DDoS protection partners to safely restore full network redundancy, keep services stable, and strengthen our defences against any further attacks.

We sincerely apologise for the disruption and appreciate your patience and understanding while this work continues.

Kind regards,
Arnold

 


 

DDoS Attack Update: 2026-07-09 8:00 AM
 

Current Network Status: Stable and online. Some services may still be intermittend.
 

This morning, our network was targeted by a renewed Distributed Denial of Service (DDoS) attack, resulting in a temporary service interruption between 06:00 and 07:30.

Core services have since stabilised, and most customers should now be back online. However, because some redundant upstream connections remain offline as a precaution, routing to certain websites and online services may not yet be fully optimised. You may notice increased latency or slower performance to specific destinations while this work continues.

To protect the stability of our network and minimise the impact on customers, our engineering team temporarily disconnected some upstream connections while mitigation measures were implemented.

Our engineering team is actively working with our upstream providers to safely restore full network redundancy and strengthen our defences against any further attacks.

We appreciate your patience and understanding while these final restoration steps are completed.

Kind regards,
Arnold

What our clients are saying

Jenny Internet Zambia
3.9
Based on 8 reviews powered by Google