1.2 terabits per second hit at peak Black Friday. Shoppers never noticed.

For a national online retailer, Black Friday isn't a busy day — it's the day. A double-digit share of annual revenue can flow through the checkout in a single afternoon. Every minute of downtime during peak isn't just lost sales; it's abandoned carts, broken customer trust, and a story that lands on the evening news.

Attackers know this. DDoS extortion crews deliberately time their assaults to the moments when an outage hurts most — and then demand payment to make it stop. This retailer was hit with a multi-vector volumetric flood that peaked at 1.2 Tbps, combining UDP reflection, a SYN flood, and a Layer-7 HTTP request storm aimed squarely at the checkout API.

• A 1.2 Tbps multi-vector flood — among the largest attacks of the year.
• Layer-3/4 volumetric traffic designed to saturate upstream bandwidth.
• A Layer-7 application flood crafted to exhaust checkout and search servers.
• Precise timing — launched within minutes of the retailer's peak traffic hour.

The headline number is the one that didn't change: revenue. The retailer finished Black Friday with record sales and zero availability incidents. The attack that was supposed to hold the business hostage was filtered out so cleanly that the marketing team didn't even know it had happened until the post-event security briefing.

• Zero seconds of storefront downtime across the entire attack window.
• 100% of revenue protected — every cart that wanted to convert, did.
• No ransom, no negotiation — the extortion attempt simply failed.
• Sub-second impact on real users — legitimate shoppers saw normal page-load times throughout.

After the event, S-Security delivered a full attack report and refined the retailer's Layer-7 baselines ahead of the holiday season, ensuring even larger floods would be a non-event. For a business where uptime equals revenue, that confidence is the whole product.