More than 10,000 UK-based online retailers saw their operations come to a standstill on Tuesday when third-party payment processing systems provider WorldPay’s IT systems went down.
WorldPay, which provides payment processing systems for 27,000 merchants across the globe, said there had been a “concerted and co-ordinated effort" to attack its core systems.
The attack, the nature of which is being investigated by WorldPay, resulted in payment processing systems, e-mail and the corporate website going down, the Royal Bank of Scotland-owned company said.
Although e-mail communication was restored on Tuesday afternoon, the payment processing systems – vital to the running of online merchants’ operations – were still down this morning.
“There has been a concerted and co-ordinated effort by a third party to attack our system,” said Simon Fletcher, head of UK communications at WorldPay.
“Regrettably, customers have been unable to conduct operations as a result and we apologise for this. We are throwing all the resources we have got at addressing the problem.”
“WorldPay’s entire business is based on payment processing and it is absolutely staggering that they have not got an alternative route in the case of failure,” said a WorldPay customer.
“Last week, it had a planned four-hour outage which is not acceptable in itself as far as I’m concerned, but this is beyond that.”
WorldPay has fail-over and disaster recovery technology in place, as well as a multi-layered security approach, but the fact it was victim of a concerted attack meant these were not effective, Fletcher said.
“It is not as if we have lost a server – this was a co-ordinated effort,” he said. “The key for us is to try and get on and resolve the issue and take lessons so it does not happen again.”
WorldPay customers can e-mail the company on firstname.lastname@example.org or telephone 0870 742 7002 for updates.