Site Maintenance

Lawsuit Filed & Site Update

From Scout211 in the comments below:

I don’t know if this has been posted yet, but Bizbudding filed their lawsuit against 365 data centers yesterday. Here is a listing of the lawsuit but you have to get an account to read or download it.

The summary from, which also requires an account to read the whole thing.

The suit, backed by Glancy Prongay & Murray and Morgan & Morgan, alleges that 365 Data Centers failed to take reasonable and necessary precautions to detect, prevent and mitigate cyberattacks. Counsel have not yet appeared for the defendant. The case is 3:22-cv-00715, Bizbudding, Inc.

ETA. The link to the filing broke the margin so I deleted it. Let me try again.

Link to the complaint.

72-page pdf file.

Above is the district court link. Hopefully this will not break the margin.

I am kind of hoping that the point of the lawsuit is to COMPEL “350” Data Centers to turn over the fucking backups.  Money in 10 years does us no good at all.

Scout211 and other attorneys who have an account and have access, what else does the lawsuit say?

Sort of related, I have been working on the Balloon Juice all day.

This is what I posted this morning:

Tuesday is the day we plan to go home to a SHELL of Balloon Juice.

We have the banner and the balloon guy. And the comment system, though I’m not entirely sure it’s functioning normally. We have tags that could rotate, but no tags. No pie filter. No forms.

It’s pretty much just the banner with the balloon guy, the comment system and tags that can rotate, but no tags.

But if they could only find 3 things, those are the 3 things I would have asked for.

I will put up a post later. Tuesday will be the day we go back.

I am happy to say that we now have 69 of our rotating tags rotating again.  Thanks to Wolvesvalley – I had enlisted her aid in finding rotating tags in the web archives.  Steep is taking second shift on that, looking for the remaining 40 or so rotating tags so I can add those back in, too.

Also, I have added the white menu bar again at the top and reconstituted those pages, and we now have everything up there again: About Us, Lexicon, Contact Us and the link to the Balloon Juice store.

I set up the footer, and reconstituted all of these pages, too:

Comment Policy
Our Published Authors
Our Artists & Artisans
Privacy Policy

I know you guys would have been bummed without the policies! 🙂

I had to reverse-engineer in order to figure out to get the On the Road form, some trial and error there, but now we have that, too!

I kept good notes during the site rebuild, so I knew we had 10 plugins that weren’t installed on the SHELL we got back last night, so I installed those, which gave us more functionality.

And we have the pie filter back, which appeared this afternoon.  I tried so many things today that I don’t know which thing brought that back, but I am so happy to see it.

Anyway, lots more work to be done tomorrow, but even with none of our old posts and old comments, I feel so much better today than I did when i saw the shell of the site last night.

I definitely shed some tears last night after I first saw the shell of the site, so I wanted to share some happy news today.

Finally Some Good News

Good news from David, via John:

I got some really good news from David, not optimal news, but very good indeed.

He and his team were able to find actual hard copies of all the custom coding for Balloon Juice. He had backups of that and our data on the cloud, but was able to find a copy they had done. They will be working through the weekend to get us up and running, and hopefully by Monday we will be back.

What does this mean? What it means is that the structure and foundation of the house is there, but there is no artwork and furniture, the cupboards are bare, and I’m gonna need to go shopping for new plants. Basically, the house is still there, but the thieves kicked us in the family jewels and took them and still have them hostage.

I am remaining positive that we will eventually get our data back, but right now it is the target of a tug of war between the mba’s and lawyers at 365 data centers, the mba’s and lawyers at the as yet unnamed third party vendor/macguffin, and the hackers. I’ll let you decide which is worse, and personally I am hoping for something like the shootout at the end of Reservoir Dogs with the jewels remaining safe.

As for the data, the absolute worst case scenario is we use the tarball crawl we have, the internet wayback machine, and/or hopefully one of the people involved in the 2019 redesign have backups. I will be trawling my computer for files later. But hopefully it will not resort to that. Personally, I wish the fuckers would just pay.

So good news, mostly. Yay!

Also, Water is Wet and the Sky is Blue

Letter from “353” Data Centers sandwiched between a prologue and an epilogue from John.

It appears that the good people at 365-3 Data Centers have decided to admit what we all know, and have informed us that it is in fact a ransomware attack. I’ll attach the letter they sent to David at Bizbudding:

Facilities: EWR, LGA, IAD
Date: 5/25/2022

Thank you for your patience over the past 10 days while we worked to regain access to the impacted cloud management systems and to restore your services following the security incident of May 14, 2022.

We are now able to confirm that the May 14th security incident was a ransomware attack. We are also able to confirm that neither 365 Data Centers nor our customers were the target of this attack. The intended target was a third party whose data is stored in a dedicated environment on our cloud platform. Unfortunately, for our valued customers and 365 Data Centers, the cyber-attacker broadened the ransomware attack.

While our investigation continues, an analysis and evaluation to date by our systems team and cybersecurity experts has revealed that, aside from the targeted third party, no data was taken from the 365 Data Centers cloud environment and there are no on-going threats in the environment.

We worked tirelessly in tandem with our experts and government authorities and positioned 365 Data Centers to initiate restoration. Unfortunately, the resolution of the third-party circumstances is not in our control and continues to prevent us from moving ahead in our recovery process.

While we continue to monitor the third party’s resolution of the cyber-attack, 365 Data Centers believes that at this point in time the prudent path forward is to rebuild the affected cloud platform. This will be conducted along with an all-out effort to retrieve all data within the existing cloud environment that can still be accessed. 365 Data Centers will work with each customer who prefers to go in this direction to restore your service on a rebuilt 365 platform tailored to your current needs at our expense. In the event the ransomware attack is resolved on all fronts, we can initiate restoration of the existing cloud environment in parallel.

If your preference is to work with us to restore your service on a new 365 platform, please inform Steve Oakie, 365 Data Centers’ Chief Revenue Officer.

We are saddened by the impact this incident has caused on our many years of collaborative hard work with you to build your cloud services. Our entire organization is sorry for the significant inconvenience that this has brought to you and your business.

We will continue to be transparent by providing factual and accurate data as soon as it is verified. We appreciate your ongoing support and patience as we navigate this complex situation.

Bob DeSantis James Cornman
Chief Executive Officer Chief Technology Office

John again:

Well, that’s nice to know. I have no idea if the notification of a class action lawsuit convinced them to be more forthcoming with their customers, or if it is all just a big fucking coincidence this came out today.

David doesn’t know exactly what this means and will be seeking clarification with them tomorrow, and I have no idea if the previous repeated assurances from 365 that our data is still safe are still there. It’s a mystery wrapped inside an enigma inside a riddle inside some unnamed 3rd party vendor’s fuckup and most definitely not 365 Data Centers, that’s fer god damned sure.

Hopefully we will know more, and should our data be safe and accessible, we will move forward. If not, I will have some decisions to make about how we proceed with a new website. For now though, y’all keep enjoying your unplanned vacation at the cottage, and I’ll keep trying to figure out if the tornado just ripped off some shingles, did major structural damage, or if our home simply no longer exists. Personally, I feel better about the news today because AT LEAST I FUCKING KNOW SOMETHING FOR SURE. I feel like I have been sitting in the waiting room at the doctor’s office for two weeks because he doesn’t have the balls to tell me I have cancer. Now we wait for the oncologist to chime in. I know I can fit in another metaphor and some mangled imagery here so I will just let you all know I’ll be here until the cows come home and we’ll be giving 110 percent and working harder than a dog to get things back to normal and to keep a stiff upper chin and don’t let the bedbugs bite.

No News is Not Good News, the Lying Bastards

John’s latest missive through the mailing list, after the update today.

I’m officially depressed.  I feel so helpless and there is simply nothing I can do to get the website back.  I just have to sit here and wait and hope they come through.

I am glad that there will be a lawsuit, because that at least will put some pressure on the fuckers.  But it doesn’t help me get the site back.

I feel like someone whose house has burned down with all their shit in it.

I am, however, once the site comes back, get more involved in the day to day operations of things, because i never want to feel this helpless again.

That’s all I have.  Miss you guys.

Update from Our Site Host

Hey everybody,

In quotes below you will find the latest update from our site hosts.  In case you haven’t been following along, our site hosts are the good guys, and “354” Data Denters are the ones who are stonewalling and withholding information.  Our site hosts pass on what information they have from 354 Data Centers, which is usually meaningless word salad.

As a visual cue, you can pretty much assume that any text that refers to them as 365 Data Centers was written by someone besides me!

I’m sorry my message to you yesterday might have seemed confusing.

The confused mixture of phrases and updates from 365 sounds like word salad to me and has made it difficult for me to communicate clearly and effectively with you. I’ve done my best to accurately relay their communications to you.

I am fighting hard for your business. My primary focus has been to get our backups from 365. My secondary focus has been to create a temporary landing page system for your website so that you could communicate to your customers and audience.

Late last night I received some new information that I did not have before that has caused me to pause and consider taking legal action.

I’ve reached out to and started discussions with a law firm that specializes in corporate liability and class actions and we are in the process of initiating a class-action lawsuit against 365 Data Centers – for everyone’s benefit. Several customers in our blogging community have stepped up to co-lead the class-action lawsuit on your behalf.

I’ve been fighting hard for our clients. This has really gone on way too long and it’s beyond unacceptable. The damage being done to our brands is devastating.

I do expect to have the timeline from 365 this week and I do anticipate that timeline includes 365 Data Centers turning back on the cloud services and releasing our backups – at least that is what their team has repeatedly been telling me.

We do not yet know details of the new information that David found disturbing, but it’s surely nothing that would make us feel better about the situation.  My hope is that we’ll be back up with Balloon Juice within a week or 10 days.

In the meantime, I’m trying to make this site as comfy as possible since our 3-hour tour has turned into a much longer one than that!

Monday Update from Cole: Piled Higher and Deeper

Piled Higher and Deeper

A long, long time ago, when I was a young man in Basic Training at Disney Barracks in Fort Knox, Ky, a recruit in Bravo Company, 2/13, I had a Drill Sergeant named Shirley Mason. He was a light skinned black man with freckles, reddish hair, and a hairlip, so when he spoke it was with a pronounced lisp. Sometimes it was all we could do to keep from laughing when he yelled at us-


But we didn’t laugh because he was 5’5″ of coiled muscle and anger and we were terrified of him and deified him and loved him all at once.

One day we were in the middle of doing something when it was allowed for us to be talking amongst ourselves while. Unbeknownst to my little crew of four to five guys, Drill Sgt. Mason had been in earshot of us, and had heard us bitching about all the stuff we had to do. It was the usual stuff “I hope we get off early” or “I hope we don’t have to do this” and on and on. Right after I had told Chris Plandell and Brian Carney, two other privates, that I wished we didn’t have to do our weekly fitness test in the morning, Drill Sgt. Mason hollered out in his booming voice:

“Private Cole, I want you to withhhh (wish) in one hand and thhit (shit) in the other and you tell me which one fillth up firthht.”

We received another email update today from David at Bizbudding, which I will share with you in its entirety:

“Hi John

I had a conversation today with two senior members of the 365 team.

They have advised me that there is quicker movement and forward progress and are hopeful to provide us with a timeline for the restoration of your website(s) this week.

Based on 365’s discussions with their cyber forensic partners and their current estimates, they feel this timeline is appropriate to bring the cloud data center back into service.

Again, they confirmed their assessment that customer data is secure and untouched.

365 committed to providing a post-mortem detailed root cause analysis (after all their customers have been restored) that explains the situation and why it is taking so long to restore the environment.

I will share that report with you when I receive it. I will also provide additional updates when received.


I immediately called him after receiving it, and he and I (and, as I just checked my phone before writing this, Watergirl as well) think it is more boilerplate bullshit and nondisclosure from 365, but it IS the first time since this whole nightmare began that they actually stated that the site will be coming up, even if they did not give us a timeline. Bringing it up “this week” is the first time they have even given us an estimate, however abstract and non concrete it might be.

We know how Drill Sergeant Mason felt about hoping and wishing, and I pretty much feel the same way as a prematurely cranky 50 some year old, but right now hoping and wishing is all we really have. So that is how I am looking at things. All we need is access to our data, and we will be back. I hope it is this week, but who knows. Until then, we just soldier on.

In other news, I have seen no appreciable response to my attempts to shame 365 Data Centers in my twitter campaign against them, although I will note that Stephen Klenert, Senior VP of Customer Solutions who was posting tiktoks of him cleaning his patio has now made his account private, so there is that. The whole twitter campaign probably won’t do anything other than make me feel better, but that’s enough for me to keep going.

Other than that, I got nothing.

Be good to each other.


Site Update May 23: Speculation & Update (!)

Must resist the urge to add that image as the banner for our little home away from home.

I saw on John’s twitter feed that the Senior VP of Fucking Customer Solutions at 355 Data Centers made his TikTok private after John posted the TikTok of the guy washing down his driveway this weekend.  So someone from “355” noticed John’s rants, at least.

Apparently at 355, they all have their fingers in their collective ears, chanting “la-la-la I can’t hear you.”

At this point I share Gin & Tonic’s view from Friday.  How does this not become an extinction-level event for “355” Data Centers?

Anyone want to speculate as to the reason for the outage?

Disgruntled employee?
State-sponsored hack?
Random hacker doing it for grins?
Under-funding of safety measures?

Why is it taking so long to resolve?

It’s ransomware and they were trying to get the money?
It’s ransomware and they were stalling, hoping to fix it before paying?
All 365 employees are at a 2-week retreat, except for the poor clueless bastard who has to answer the phone?

Why all the secrecy?

Government agencies involved and they required secrecy?
Outage due to some embarrassing reason they are trying to hide?
The people at the top are uncaring dicks?
Lex Luthor is running the company?

What’s your best guess for the date we actually learn anything tangible?

choose your date

What’s your best guess for when Balloon Juice is back up?

choose your date


Add your best guesses in the comments.  Whoever comes closest wins… something?

If you are not in the mood to speculate, you can admire the cat quilt that Quilting Fool is making me!

I have never seen a quilt before it is quilted before!

Sunday Update from Cole: Greetings from the Warpath

Quick PSA before we get to the actual update:

Over 700 people have subscribed to the Balloon Juice mailing list, but only about 450 of you have opened the previous messages, so as many as 250 of you are not seeing the messages, most likely because gmail (or other email programs) are moving these to “Promotions” – so you never see the updates in your inbox.

John sent out the update this evening at xx, so if you signed up and you are not seeing that message in your inbox, that is probably the reason.

If you tried looking through your folders via the left pane, found “Promotions” and tried dragging a message to your Inbox, the message *might* be copied to your Inbox/Primary tab, but you won’t get the “Would you like all messages from (username) be sent to your Inbox/Primary tab?”.

But, if you click on Inbox, you should have header tabs across the top. You should see Primary, Social, Promotions and Forums. Click the Promotions tab from there and drag the message from (username) to the Primary tab, and you *should* get the “Would you like all messages from (username) be sent to your Inbox/Primary tab?”

Some of these updates come from me and some come from John, so you may have to do that twice, once for each of us.

Okay, here’s today’s update.

Hello all!

I wish I had something positive or informative to add, but I in fact do not. I will let you know that sometime this afternoon I snapped and reached for the nuclear codes and have been going off on twitter all day. I doubt it will do anything, but I am officially ready to burn 365 Data Centers to the ground.

It starts here.

At any rate, I am now starting to think that this was a ransomware attack and they are in the late stages of negotiation to get the data back. It’s the only thing that makes sense. The only way they could KNOW our data is still safe but still not be able to access it is if someone else hacked in, took control of their controls, and of course the data is safe because if they kill the baby they won’t get paid.

This is just speculation, but that is all I have. Other than that, no updates. I talked to the people at the help center and told them to stop lying to me, and they said they were going to pass this on to management, and I told them to start preparing for class action lawsuits. I also asked if Stephen Klenert is still their VP for customer solutions, and they confirmed that he is, so I told them I was thrilled to view his tiktok of him cleaning his patio yesterday.

I am ready for this place to burn down.

At any rate, I have no answers, am in a shite mood because this is twenty+ years of my life’s work and I have no control over what happens to it, and I can’t even eat my fucking feelings because I have no pasta or ice cream in the house.

Take care

Updated at 8:30 on Monday to add better instructions about “Promotions”.  Thanks JWR.

And this tip from NotMax: As for Gmail, easy peasy (i.e., lazy) way to bypass hunting through individual categories is to click the “All Mail” option in the left-hand pane.

And check your spam folder.