International cyberattackers have targeted one of the UK's largest banking groups with a distributed denial-of-service attack (DDoS), according to a press report, in an incident which disrupted online banking services for millions of customers for over two days.
Hackers launched a campaign against the high street banking group two weeks ago, sources have told The Financial Times. This meant customers struggled to access online services and sometimes were unable to use them at all. The FT report attributes the attack to perpetrators from overseas.
Many customers of Lloyds, Halifax, and Bank of Scotland were temporarily unable to make payments or access their accounts, although no financial losses have been reported.
Although it has not been part of the banking group since 2013, TSB bank also suffered outages, likely due to the fact that it still relies on some elements of the same technology platform as the other banks.
Lloyds Banking Group would not confirm whether the outage occurred as a result a cyberattack. "There was an issue with our internet banking, but it's all resolved now," a Lloyds spokesperson told ZDNet.
In an additional email statement, a Lloyds spokeperson said "We experienced intermittent service issues with internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused.
"We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems. In most cases if customers attempted another log in they were able to access their accounts," the message continued, adding "We will not speculate on the cause of these intermittent issues."
Banks make a natural target for cybercriminals due to the large amount of money which they store and transfer. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) has previously warned how banks are facing persistent and sophisticated cyberattacks.
The reported cyberattack against Lloyds comes just months after hackers stole £2.5 million from 9,000 online customers at Tesco Bank. The incident was blamed on a "systematic, sophisticated cyberattack" and remains under investigation by The National Crime Agency and the National Cyber Security Centre.
Days before the cyberattack against Tesco Bank, the government warned it will retaliate against international hackers who launch operations against the UK.
Read more on cybercrime
- Odinaff Trojan attacks banks and more, monitoring networks and stealing credentials
- Twitter phishing campaign targets customers of all major UK banks
- How banks fight back against cyberattacks [TechRepublic]
- HSBC fights off denial of service attack on its internet banking systems
- UK bank freezes online transactions after theft [CNET