Yesterday afternoon, Dwolla’s service providers became the victim of a distributed denial of service event, resulting in limited or no availability to the website, Dwolla.com.
This advanced event, still persists today, and is preventing people from viewing the website and consequently accessing its services. We apologize for this inconvenience and are working hard with our service providers to resolve the issue.
March 28, 2013 UPDATE 1:50pm CT
Third-party developers have been formally notified of the service interruption. Our team continues to work closely with service providers.
March 28, 2013 UPDATE 4:44pm CT
There’s been some misunderstanding concerning our hosting strategies. Dwolla uses isolated dedicated servers to host the Dwolla application. It does not share a virtual presence with other organizations inside a physical server. Our dedicated servers are kept in data centers specializing in redundancy and housing other isolated dedicated servers.
March 28, 2013 UPDATE 5:44pm CT
We’ve made meaningful progress with our hosting providers, and are now beginning to test accessibility with the web app. Mobile and API testing to begin soon.
March 29, 2013 UPDATE 10:15am CT
Dwolla has begun testing the API internally and hope to have its services back up today.
March 29, 2013 UPDATE 1:05pm CT
Initial configuration testing was successful, the API and mobile apps are back up and running. Please contact @BaconSeason if you have further questions.
CLARIFICATION 3:05pm CT
As of 1:30pm CST, Dwolla operations have returned to normal. We will continue to monitor and assess the situation and post any relevant updates here.
April 9, 2013 UPDATE 4:05pm CT
Between March 26 and March 29, 2013, Dwolla’s service provider began experiencing a large volume of traffic to its website. This event, called a DDoS attack, resulted in intermittent or no access to Dwolla through its online site and API offerings for a total of 24 hours.
Is my data and money safe?
Yes. Dwolla has conducted a thorough investigation since the incident. During the investigation, Dwolla’s dedicated security team did not find evidence to suggest that users’ account information or balances were affected by the event.
Dwolla and our hosting providers implemented numerous steps aimed at protecting access to Dwolla.com in event of a future attack. Although no system can guarantee complete availability during such events, we feel confident in the measures taken and remain vigilant.