Comment by orlp

> Not to mention the strong conflict of interest for netlify, who stands to gain from their customers being attacked. Netlify is getting paid for something criminal in nature having occurred.

I think you could argue that Netlify is guilty of racketeering in OP's case.

1. They admit illegal activity happened (a DDoS attack).

2. They demand money to be reimbursed for the illegal activity. However, the reimbursement they ask is several hundred times higher than the actual damages incurred.