In what has been called a “huge cybercrime attack” by most of the national press, but was actually a distributed denial of service attack, Lloyds Bank was brought offline for several days earlier this month.

Details are only now emerging on the DDoS attack, which started on 11 January and impacted all of the Lloyds group, including Halifax and Bank of Scotland. TSB, which was spun off and remains independent but relies on the same infrastructure, was also affected.

Horsing around

Lloyds Bank Newcastle Haymarket
– Wikimedia Commons/TubularWorld

“We experienced intermittent service issues with Internet banking between Wednesday morning and Friday afternoon the week before last and are sorry for any inconvenience caused,” Lloyds said in a statement.

“We had a normal service in place for the vast majority of this period and only a small number of customers experienced problems. In most cases, if customers attempted another log in, they were able to access their accounts. We will not speculate on the cause of these intermittent issues.”

While Lloyds claims the number of users affected was small, the BBC believes the figure was “substantial.”

The Financial Times reports that the DDoS was the work of an “international criminal gang,” but offers little in the way of actual details. The publication adds that the same group targeted other banks, but Lloyds was the only one to fall.

Banks have a long history of being targeted by DDoS attacks, but usually the attempts consist of small-scale campaigns that fail to disrupt users’ access.