A cyber attack by an international criminal gang hit some of the UK’s largest banks in a move that brought down digital services at Lloyds Banking Group intermittently for more than two days, Financial Times reports.
The DDOS attack was unleashed on high street lenders two weeks ago, although only customers of Lloyds experienced problems accessing their accounts.
The attack affected Lloyds and its Halifax and Bank of Scotland brands, leaving many customers unable to use services for checking their balance or sending payments for as long as two days.
This recent breach comes just months after a high-profile cyber heist against Tesco Bank, which forced the lender to repay £2.5m to 9,000 customers who had their money stolen.
Other banks have also been hit by service outages in the past two years after their systems were breached by cyber attacks. HSBC’s personal banking website and mobile app temporarily shut down after a denial of service attack early last year, locking out thousands of customers.
Prior to Lloyds’ attack, Deutsche Telekom were the most recently hit as their servers were taken offline by the record-breaking Mirai botnet.
System failures often happen towards the end of the month near payday — as was the case for RBS — or on special events when large volumes of transactions occur. However, successful attacks expose vulnerabilities in banks’ systems, which in many cases are based on core legacy technology that is often decades old.
Banks and regulators are under pressure to improve their systems’ resilience. Andrew Tyrie, chairman of the Treasury committee, last year called on regulators to help bolster the security and resilience of Britain’s banks following a high number of system failures. Lloyds Banking Group declined to comment.