Although not officially reported by Lloyds, sources are saying today that Millions of customers online banking services were disrupted as cyberhackers launched a massive DDOS attack on Lloyds about 2 weeks ago.
Lloyds Banking Group would not confirm whether the outage occurred as a result a cyberattack. “There was an issue with our internet banking, but it’s all resolved now,” a Lloyds spokesperson told ZDNet.
While Lloyds did not give a reason for the intermittent issues with their online banking services, they were quick to point out that they would not speculate as to what caused the service interruptions.
And that sounded odd to me. Hopefully, they have enough reporting to determine what might have caused their online systems to go down.
But the Register in the UK had a likely explanation for why Lloyds might be hesitant to place the blame on cyber attackers.
David Kennerley, director of threat research at Webroot, commented: “Customers being unable to access their online services can hurt any institution’s brand, but it’s also important to understand that a DDoS attack is not a ‘hack’. A DDoS attack can be used to deflect security defenders away from other attacks that may be happening on the network – but this doesn’t sound like the case here.”
At Least One Hacker Claiming Responsibility
Vice is reporting that at least one hacker is claiming responsibility for the DDOS attack and sent an email to a Lloyds employee requesting a consulting fee of 75,000 GBP.
In exchange for the consulting fee (which was to be paid in Bitcoin), the hacker promised to release the security hole he had found, as well as going away and not bothering Lloyds again.
Apparently, the fee was never paid, but it appears that the attacks have stopped for the moment.
Again, however, Lloyds officially denies the service interruptions were Cyber related.
We’ll see how this develops but these types of cyberheist DDOS attacks could grow as they are becoming more commonplace on UK banks. Last month, I wrote about the large Tesco breach – Tesco Breach 40,000 Accounts.