Cyber Incident Victim: Fiducia & GAD IT AG
Date:
Jun 2021
Location:
Germany
Summary
A German IT provider serving cooperative banks experienced a distributed denial-of-service (DDoS) attack that disrupted online banking services for over 800 financial institutions, causing widespread website slowdowns and outages. The attack began one morning, intensified overnight, and led to operational challenges for banks including Berliner Volksbank before showing signs of stabilization the following day. The targeted company confirmed customer data remained secure and emphasized its preparedness for such incidents, though isolated disruptions persisted due to ongoing defensive countermeasures. Its crisis team maintained continuous system monitoring to address potential follow-up attacks, noting that such cyber incidents were not uncommon in its operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On June 3, 2021, Fiducia & GAD IT AG, a German technology provider for cooperative banks, experienced a distributed denial-of-service (DDoS) attack that disrupted services for more than 800 financial institutions. The attack began on Thursday morning and intensified overnight, overwhelming the company's network with unusually high volumes of data traffic designed to paralyze systems. This caused widespread operational disruptions, including slowed or completely inaccessible online banking platforms for cooperative banks across Germany. Institutions such as Berliner Volksbank reported website outages affecting customer access to digital services. By Friday, the attack entered its second day, though Fiducia & GAD indicated the situation was stabilizing as defensive measures mitigated the assault. The company confirmed its crisis team remained actively engaged in monitoring systems to respond to any renewed attacks.
Fiducia & GAD stated customer data remained secure throughout the incident and emphasized such attacks were not uncommon in the industry. Despite stabilization efforts, the company warned customers might still experience isolated disruptions due to ongoing countermeasures against the DDoS campaign. The IT provider asserted its infrastructure was well-equipped to handle these types of attacks, reflecting established resilience protocols. No additional threat actor motives or identities were disclosed in available reports. Service restoration progressed through Friday afternoon as traffic volumes normalized, though the company maintained vigilance against potential follow-on incidents. The incident highlighted the operational dependencies of cooperative banks on centralized IT providers during cyber disruptions.