On September 28th and OCT 3and 4, 2012 services provided to our bank through our provider, Fiserv including Retail Online, Business Online and Merchant Capture were interrupted. We have confirmed that interruptions resulted from two separate distributed denial of service (DDoS) attacks that flooded our Web site with an extremely high volume of electronic traffic from thousands of locations around the world. This flood of traffic, commonly known as a distributed denial of service (DDoS) attack, was intended to crowd out legitimate customers using Fiserv (PGFSB) Web sites, preventing them from accessing online banking and other Internet-based services.We would like to provide you with some insight into the circumstances surrounding this event:
To address this issue:
• Fiserv implemented traffic filters that decreased the flow of traffic and improved the situation.
• A network block was also put in place to prevent all traffic coming into an Internet Protocol (IP) address, which restored services for most clients on September 28, 2012 at 1:15 p.m. ET. This IP address hosts a subset of Web Hosting clients. As a result, this subset of clients continued to experience a service disruption but service was subsequently restored over the course of September 28 and 29, 2012. On October 3, 2012, beginning at 4:50 p.m. ET, the same set of services was interrupted. To address this issue Fiserv implemented the same mitigation approach that they used to address the issue of September 28, 2012, which restored all services at 6:15 p.m. ET, with the exception of Web Hosting, which was restored for all clients by 8:35 p.m. ET.
• Additionally, they have installed a highly customizable filtering service with our primary Internet Service Provider (ISP), to further enhance our already diverse and layered security capabilities. If you wish to discuss this or have questions, please contact your account representative.