These clowns did a DDoS on the financial co where I work. They managed to get to about 400Mbs (although they claimed 15Gbps) and never came back. The good thing that came out of it was that we realised our Arbor DDoS wasn't configured right on one of the nodes so that's fixed up now. Our sensors picked it up straight away, the Security Operations Centre reacted in the first few minutes and so most staff/customers/partners didn't even realise.
Their MOO was to try and find email addresses in linkedin/online for various random members of staff at the company and sent out the demand letters a few hours in advance - except we're worldwide and so by the time the letters were centrally understood, it was already pretty much too late.