Leadership

Online World Series ticket sales hit by DoS attack


The most sought-after sports ticket in Colorado is for one of the three World Series games scheduled to be played at Coors Field, home to the hottest team in baseball, the Colorado Rockies. Upward of 60,000 tickets for those three games were to be sold the morning of Monday, October 22 through online sales. However, transactions for only about 500 tickets were completed before the Paciolan (Pack-ee-o-lan) computers came tumbling down.

Servers at Paciolan, the company contracted to handle the ticket sales for the Colorado Rockies, were hit with 8.5 million requests in the first 90 minutes of the sale. Those 1,600 hits per second were enough to overload the company servers. And with the exception of those few sales, no one was able to buy any tickets (including yours truly).

The Colorado Rockies later announced that the servers were intentionally and maliciously hit with a denial-of-service (DoS) attack. The who, where, and why is still a matter of speculation. But within 12 hours, Paciolan announced it was ready to resume the sale of those World Series tickets, confidant it could thwart another DoS attack.

One has to wonder, however, why Paciolan wasn't ready to thwart the first one? Has Ticketmaster or any other ticket outlet ever faced such a DoS attack? What about other large online retail sites such as eBay or Amazon? What do they do to keep it from happening, and what did Paciolan have to do differently?

Nonetheless, the Colorado Rockies did indeed resume sales of those 60,000 tickets the following day, and the sale went on without incident. All available tickets were sold in just over two hours.

There's certainly been a lot of talk about the problems associated with the sale of those tickets, but I've heard nary a word asking who would launch such an attack and why? The local media and the fans aren't talking about it, and the Rockies organization itself actually stopped discussing that aspect of the issue, most likely as a way to keep attention and excitement focused on the team and the field of play.

After all, I don't think they'd want to create a diversion from their immediate task at hand, which is, of course, to emerge from the World Series as the eventual winners. Why would they want to distract from that? After the season, however, I expect a full-blown investigation of the DoS attack.

Was this likely just an individual with some axe to grind -- and someone with the right amount of knowledge and resources to simply disrupt, embarrass, and wreak havoc on the Colorado Rockies and/or Paciolan? Could a lone individual pull off such a thing? Or is it more likely that it was a more concerted effort by many individuals, or even some organization, who has some sort of monetary motive? What could be other motives? Could the perpetrator (or perpetrators) ever be tracked down and prosecuted? Did they likely leave digital tracks that could be followed? The questions are many, but I've yet to hear any real answers. (If it happened to the Red Sox, we could just blame the curse of the Bambino.)

I suppose those Colorado Rockies fans and the local media outlets are just too focused on another question to be too concerned about the ones I've been asking. They're all wondering if the Colorado Rockies will continue their hot streak and sweep yet another post-season opponent, the Boston Red Sox. And I suppose this can be added to the list of another first for what has been an amazing, record-breaking, and historic run into the World Series, the Rockies' first appearance in the fall classic.

This is, I believe, the first time World Series ticket sales has been disrupted because of an online DoS attack. And speaking as a Rockies fan, I'll go on the record as predicting that DoS will not go on to mean Denial of Series victory.

21 comments
rpolunsky
rpolunsky

With all of the interest in the Rockies getting to the Series, and the number of ticket reseller (read: scalper) firms out there using automated programs, I don't think you had a DoS going on. I think you had everyone and their cousin wanting tickets and Paciolan just neing brainless about the demand curve.

keqos1u02
keqos1u02

Since when has "ticket selling server cannot cope with legitimate demand from customers" become "(D)DoS"? Are the people who set up this server misdirecting attention from their incompetence by blaming '(cr|h)ackers'?

IC-IT
IC-IT

"I???ll go on the record as predicting that DoS will not go on to mean Denial of Series victory." As a Red Sox fan, I have to admit ....... You may get up to three Series Victories (individual games that is) ;-0 :-) Seriously should be a good Series and the season may have started a pleasant rivalry with the D'Backs.

mike
mike

8.5 million hits in 90 minutes? Youtube gets 100 million hits a day....everyday.... that's a regular day. Aol.com gets 10 million hits an hour. This sounds like Paciolan's attempt at CYA. This is so irritating for me, someone at Paciolan should be S*** canned over this and MLB should pull the contract. Simple as that. I know, next year I'll get the ticket sales contract for MLB. Hell I can set up a site that crashes for much less than they paid. mike

mike
mike

8.5 million hits in 90 minutes? Youtube gets 100 million hits a day....everyday.... that's a regular day. Aol.com gets 10 million hits an hour. This sounds like Paciolan's attempt at CYA. This is so irritating for me, someone at Paciolan should be S*** canned over this and MLB should pull the contract. Simple as that. I know, next year I'll get the ticket sales contract for MLB. Hell I can set up a site that crashes for much less than they paid. mike

mike
mike

8.5 million hits in 90 minutes? Youtube gets 100 million hits a day....everyday.... that's a regular day. Aol.com gets 10 million hits an hour. This sounds like Paciolan's attempt at CYA. This is so irritating for me, someone at Paciolan should be S*** canned over this and MLB should pull the contract. Simple as that. I know, next year I'll get the ticket sales contract for MLB. Hell I can set up a site that crashes for much less than they paid. mike

Joe_R
Joe_R

The Rocky organization called this an, "external, intentional, and malicious attack". What does that sound like to you? To me, it sounds like more than just an inability to cope with legitimate demand.

mhbowman
mhbowman

the demand curve of all the scalpers looking to resell the tickets on eBay. I'd like to see a permanent DoS on all the Ticket Master type "convenience" monopolies, I mean, companies.

Joe_R
Joe_R

The Rocky organization called this an, "external, intentional, and malicious attack". What does that sound like to you? To me, it sounds like more than just an inability to cope with legitimate demand.

raycamara
raycamara

First everyone attacks the Patriots for Spying, now their trying the same tactics over the Red Sox's. Get over it the Red Sox's Win!

sheldon.dokken
sheldon.dokken

The four hottest sporting events in North Dakota and Minnesota are between the University of ND Sioux and the University of MN Gophers playing hockey. In less than 20 minutes all sales for those games where sold. Only U of ND uses tickmaster. U of MN uses their own and there online sales where in trouble this year. They were down for half a day figuring out what happen. Someone tried a DoS attack.

billballew
billballew

YOU MEAN TO TELL ME THEY ARE STILL PLAYING BASEBALL? How idiotic! Don't they know it is now football season? Who gives a c--- about baseball when our college teams are on the field? Baseball? Come on! That should have been finished by September 1st.

Joe_R
Joe_R

Who suggested that the Red Sox organization was behind it? I certainly didn?t. What motive would they have? What would the Red Sox organization have to gain by disrupting their opponent?s home stadium ticket sales? I can?t think of any, nor would I think they?d do such a thing even IF they did have a motive. So no, I don?t think for a minute that the Red Sox organization, the fans, or anyone even remotely associated with the Red Sox had anything to do with it, nor did I suggest as much. But just for fun, let me speculate for a minute. Let?s find a viable motive, explore the who and the why, and run with it. [b]The Reason:[/b] There were a lot of people in Colorado who were very upset with the Rockies organization because they decided to sell ALL World Series tickets online. (But since you?re not a local-type, you wouldn?t have known that.) Many of the people upset with the Rockies were locals who ALSO play the secondary-market ticket game, either on a large or small scale. The Rockies decided to sell NO TICKETS at the stadium box office or at any of the various walk-up ticket outlets they?ve used in the past. They announced that all tickets would be sold online - ALL of them. Why did the Rockies do that? They said it was to give a greater and more equal opportunity for the regular fan to buy the tickets. (Note: this does not mean they believed all tickets would go to the regular fan. Just more than otherwise would have.) [b]The Background:[/b] It?s been a well-known and common practice for local ticket brokers to pay a nominal amount of money to homeless-type people, students, etc. (people who have no desire to go to an event, but only wish to make a few bucks), to stand in line for them to buy as many tickets as allowed. They might pay somebody $100 to stand in line all day to buy hundreds or thousands of dollars worth of tickets. Some college kid might earn a hundred bucks, and some ticket broker pays a relative pittance to buy a boat-load of tickets at face value - so they can later be sold at a big profit. Multiply this by dozens of ticket brokers (large or small scale), each paying a dozen or more people, each person buying a dozen tickets, and you have thousands of tickets going into the hands of secondary-market sellers, and out of the hands of fans who just want to go to the game. And while it?s illegal to sell tickets above face value within Denver city limits, it?s not illegal in many of the surrounding communities and suburbs; as such, the secondary-market ticket sales is a BIG business out here - one that takes place regularly and right out in the open. [b]The motive:[/b] Force the Colorado Rockies to sell their tickets at walk-up locations. And since time was of the essence, the reasoning might have been, the Rockies online plan would have to be scrapped for the only other alternative, which was walk-up ticket sales. [b]The culprit (or culprits):[/b] Local ticket brokers. Most likely one very resourceful ticket broker wanting to increase his profits by sending an army of stand-ins to buy tickets at walk-up locations. [b]The outcome:[/b] The Rockies made another announcement (after the initial disruption) standing firm on their commitment to sell NO TICKETS at any walk-up location. All tickets would be sold online, they said, regardless of what they had to do to make it happen. They publically called the effort to disrupt their ticket sales an [b][i]?external, intentional, and malicious attempt?[/b][/i]. They were mad ? steaming mad. [b]Who it?s not:[/b] The Boston Red Sox fans would actually have a better chance to attend a World Series game in Denver than in Boston. Fenway Park seats 35,000 and has a potential fan-base in the tens of millions ? the entire northeast corridor. Compared to Denver's Coors Field, which seats 50,000 with a fan-base a fraction the size of Boston?s. To be able to buy their road-game tickets online was a huge bonus for them. For some Red Sox fans, it would definitely be easier - and cheaper - to go to a game in Denver than Boston! [b]My conclusion:[/b] The Colorado Rockies ticket sales effort was attacked by ONE local ticket broker, but the ticket broker lost. [b]My prediction:[/b] This will be made public after the World Series is over, and the perpetrator will be found and prosecuted. [b]True or False:[/b] This is all speculation only, of course; but it is fun to speculate sometimes, don?t you think? (By the way, I have a very reliable source, inside the Rockies organization, to confirm some of what I?ve suggested. The rest, I just put two and two together to form a viable theory.) [b]Another prediction:[/b] The Rockies in seven.

DanLM
DanLM

Basketball is starting. lol Dan

GoBraves
GoBraves

have you been in a closet? all the sports overlap

nimrod666
nimrod666

I thought they quit playing back in the 1990's. When did they start again?

jrevier
jrevier

Living here in Denver when the CO Rockies announced that the tickets were to be sold only online after the days before saying they would be at the various outlets with a lottery system and available on line i saw DoS written all over it. I remember a few years ago when a DoS brought down Yahoo for a day. I was not too surprised and got to say "I said this might happen". I am very glad they got them all sold the next day. Seems that the outfit doing the hosting should have put the prevention in place before bringing you the service. Regards :-)

Editor's Picks