Likely a stupid question but… what actual harm was done to BofA and PayPal as a result of the DDOS? Was data stolen? Was there a significant loss of income? It may help to understand actual losses to determine the seriousness of the crime.