Conjecture: Security is a probabilistic thing. They have threat levels which are derived from real-time data and the predictability of behaviour. So if an individual suddenly changes browser or IP they might trip. Or if an entire IP range does the same thing, that might be a hint at a hijack.
My guess is that something bad has happened centrally, which tripped the security heuristics as an unexpected event at a very high level. It then elevated the security for a very large number of users.
Probably a lot of users are trying to refresh calendar right now (which will probably hit the calendar service).
If they put ddos protection in front of it, it won't hit the calendar service but the ddos-protection-service.