It was not an AWS product before or after. It was a SaaS VPN before and a vendor product running on EC2 after. The TCO for a year was $50k before (licenses mostly) and it was replaced with a total cost per month of $25k (licenses, EC2 instances and egress bandwidth) because of misunderstanding of how it worked. As the concentrator and egress gateway were separate components they deployed them in the home region for the org. The end was an egress damage multiplier because local traffic was routed globally to a different AWS region over public internet and then went egress.
There was also a global policy rolled out which pushed the VPN client to various infra machines in branch offices. Some of them were running GitHub runners and data processing software which had terabytes of egress per month.
The whole thing was a disaster and they rolled it back within a week.
The spammer will leave a permanent negative balance, which will leave bandwidth and other providers out that money with little chance of recouping it from the scammers who will just abandon the account and start a new one...
I guess I'm a bit confused about your expectations here. Would you expect your ISP to give up your contact info in regards to a DMCA complaint? I certainly wouldn't; I would expect them to do exactly what they (and bandwidth.com) actually do: alert the user that they received a complaint and/or take action against the user themselves.
Once upon a time it was a possible for a prank call to be traced and the child spanked.
What is more important is that I provided source and destination numbers alongside times and screenshots of their customer violating the law and the response was a 'durrr, ok'.
These providers launder sms and voip spam. I've worked with providers that care about compliance and know when someone DNGAF.
