It was only "beyond their control" because Ancestry did not adequately protect the system from the attack. There ARE WAYS to protect a system from this kind of attack. When you have such a large customer base, it is essential that resources be dedicated to providing security for the system as well as maintaining a quality site for the users. Ancestry is failing in providing its customers a quality, secure system.
The communication about the attack stunk. As some have noted, Ancestry should have emailed all subscribers making them aware of the problem and status instead of us relying entirely on social media or trying to find the only ancestry support page that was working. The subscribers were not compensated in any way for several days of inconvenience which actually seems to be ongoing in some areas.