Other

Code Spaces AWS Multi-Account Ransomware Destruction (Company Shutdown)

📅 2014-06-17 🏢 Amazon Web Services (EC2, S3, EBS)

Incident Details

Code Spaces was a code hosting and project management platform (similar to GitHub) that operated entirely on AWS. On June 17, 2014, an attacker gained access to Code Spaces’ AWS control panel (the EC2 administrative console) via stolen credentials and simultaneously launched a DDoS attack against the platform. The attacker sent a demand for payment. When Code Spaces attempted to wrest back control of the AWS console by changing passwords, the attacker retaliated by systematically deleting almost all of Code Spaces’ EC2 instances, EBS snapshots, S3 objects, and AMIs, both production data and backups. Code Spaces announced on June 18 that the company would be shutting down, as it would be ‘impossible to continue trading.’

This catastrophic incident is a landmark case in cloud security, illustrating: (1) the existential danger of inadequate AWS account access controls (single-factor authentication on the root/admin account), (2) the importance of keeping backup credentials in isolated accounts, and (3) the need to separate backup storage from the main account so ransomware/attackers cannot destroy backups.
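As an added illustration of lesson (1), not part of the original incident record: a Python check that reads an IAM credential report (the CSV produced by `aws iam generate-credential-report`) and lists every identity that can sign in to the console with a password alone. The sample report, account ID, user names and function name are constructed for this example.

```python
import csv
import io

# Constructed sample in the column layout of an IAM credential report;
# only the columns this check reads are kept. Account ID and users are placeholders.
SAMPLE_REPORT = """\
user,arn,password_enabled,mfa_active
<root_account>,arn:aws:iam::111111111111:root,not_supported,false
alice,arn:aws:iam::111111111111:user/alice,true,true
bob,arn:aws:iam::111111111111:user/bob,true,false
ci-deploy,arn:aws:iam::111111111111:user/ci-deploy,false,false
"""


def console_identities_without_mfa(report_csv):
    """Return (user, arn) for identities a stolen password alone could sign in as."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        # The root row reports password_enabled as "not_supported", but root
        # always has a console password, so treat it as console-capable.
        is_root = user == "<root_account>"
        has_console_password = is_root or row["password_enabled"] == "true"
        # Users without a console password (for example API-only service
        # users) are outside this check: no password sign-in to protect.
        if has_console_password and row["mfa_active"] != "true":
            findings.append((user, row["arn"]))
    return findings


if __name__ == "__main__":
    for user, arn in console_identities_without_mfa(SAMPLE_REPORT):
        print(f"single-factor console access: {user} ({arn})")
```
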

Technical Details

Initial Attack Vector
Attacker gained access to Code Spaces' AWS management console (EC2 control panel) using stolen credentials, then launched a DDoS attack and demanded payment. When Code Spaces attempted to regain control, the attacker systematically deleted all EC2 instances, S3 buckets, EBS snapshots, and machine images.
Vendor / Product
Amazon Web Services (EC2, S3, EBS)

Timeline

  1. 2014-06-17 Breach occurred
  2. 2014-06-18 Publicly disclosed
  3. 2014-06-18 Customers notified