By: Jordan,

Yesterday afternoon, Dwolla’s service providers became the victim of a distributed denial of service event, resulting in limited or no availability to the website, Dwolla.com.

This advanced event, still persists today, and is preventing people from viewing the website and consequently accessing its services. We apologize for this inconvenience and are working hard with our service providers to resolve the issue.

In the meantime, we will continue to update this post with more details.

March 28, 2013 UPDATE 1:50pm CT

Third-party developers have been formally notified of the service interruption. Our team continues to work closely with service providers.

March 28, 2013 UPDATE 4:44pm CT

There’s been some misunderstanding concerning our hosting strategies. Dwolla uses isolated dedicated servers to host the Dwolla application. It does not share a virtual presence with other organizations inside a physical server. Our dedicated servers are kept in data centers specializing in redundancy and housing other isolated dedicated servers.

March 28, 2013 UPDATE 5:44pm CT

We’ve made meaningful progress with our hosting providers, and are now beginning to test accessibility with the web app. Mobile and API testing to begin soon.

March 29, 2013 UPDATE 10:15am CT

Dwolla has begun testing the API internally and hope to have its services back up today.

March 29, 2013 UPDATE 1:05pm CT

Initial configuration testing was successful, the API and mobile apps are back up and running. Please contact @BaconSeason if you have further questions.

CLARIFICATION  3:05pm CT

As of 1:30pm CST, Dwolla operations have returned to normal. We will continue to monitor and assess the situation and post any relevant updates here.

April 9, 2013 UPDATE 4:05pm CT

Summary

Between March 26 and March 29, 2013, Dwolla’s service provider began experiencing a large volume of traffic to its website. This event, called a DDoS attack, resulted in intermittent or no access to Dwolla through its online site and API offerings for a total of 24 hours.

Is my data and money safe?

Yes. Dwolla has conducted a thorough investigation since the incident. During the investigation, Dwolla’s dedicated security team did not find evidence to suggest that users’ account information or balances were affected by the event.

Solution

Dwolla and our hosting providers implemented numerous steps aimed at protecting access to Dwolla.com in event of a future attack. Although no system can guarantee complete availability during such events, we feel confident in the measures taken and remain vigilant.

 

Get our awesome blog posts delivered to your inbox:
Financial institutions play an important role in the Dwolla network.

Dwolla, Inc. is an agent of Veridian Credit Union and Compass Bank and all funds associated with your account in the Dwolla network are held in pooled accounts at Veridian Credit Union and Compass Bank. These funds are not eligible for individual insurance, including FDIC insurance and may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union and Compass Bank.