Cyber Incident Victim: Swedbank

On November 6, 2015, Swedbank experienced a distributed denial-of-service (DDoS) attack that disrupted access to its online banking services through its primary website. The attack rendered the website incapable of processing online transactions, directly impacting customers attempting to conduct banking activities via this channel. While the main website was compromised, Swedbank confirmed that customers could still access their accounts through a specific alternative URL, though transactional functionality remained unavailable through the web interface. The bank’s mobile applications and payment systems continued to operate normally during the incident, unaffected by the DDoS attack. Claes Warren, a spokesman for Swedbank, publicly acknowledged the disruption and clarified the operational status of these alternative access points. This incident followed a prior hacker attack targeting the same website in October 2015, indicating a pattern of cybersecurity challenges for the institution during this period.

Warren stated that the bank anticipated restoring full website functionality soon but offered no precise timeline for resolution. He further commented that such attacks would likely continue, reflecting an expectation of persistent threats to the bank’s digital infrastructure. The incident’s immediate impact was confined to the disruption of web-based transaction processing, with no reported compromise of customer data or financial systems. Swedbank’s public communications focused on service restoration assurances without disclosing technical details about the attack’s scale, origin, or mitigation strategies. The bank’s acknowledgment of recurring threats highlighted its operational reality amid increasing cyber threats to financial institutions during this timeframe. No additional consequences, such as financial losses or regulatory actions, were detailed in the available reporting.