Something like that. They're still calculating the total amount of bandwidth overage that this incident caused, but it is easily thousands of dollars. Not only that, but they had to re-IP two entire ranges worth of servers.
The DDoS that hit me was the largest that they had ever seen at that facility- on order of 2.5GB/s. They couldn't even handle it directly, it had to be nulled by their inbound providers- who were struggling to hold it too. There would have been no such thing as protection under those circumstances.
All of the data is safe, but unfortunately my customers are going to have to be a bit patient while I pick up the pieces here.