KBC sincerely apologises for disruptions in accessing its websites in the last few days

Some KBC clients had temporary problems viewing KBC websites or logging into and using e-banking applications this past Monday evening and Tuesday (17 and 18 February 2014).

The interruptions or delays in service were due to a distributed denial of service (DDoS) attack on Monday evening, flooding KBC websites with data traffic. KBC successfully blocked the DDoS attack, but its aftermath was still evident on Tuesday. Everything was back to normal on Wednesday. KBC understands and sincerely regrets how much unease and disruption this attack must have caused its clients. At no point was security breached as a result.

KBC wishes to once more offer its sincere apologies for any inconvenience possibly experienced by its clients and will do its utmost to block this sort of attack in the future. KBC has since reported the attack to the relevant authorities.

A disruptive hindrance to service, but not a hacking attack

A DDoS attack typically bombards a website with data traffic from multiple compromised computers, overloading the server and making the website respond so slowly as to become temporarily unavailable. All websites are susceptible to such attacks and several banks and companies in Belgium and abroad have fallen victim to them.

DDoS attacks are not hacking attacks but rather try to overload systems, whereas hacking attacks attempt to breach and compromise them. The DDoS attack in question was successfully blocked by KBC, but still caused clients considerable inconvenience by slowing down service to lower than expected levels. The security of clients’ personal details, and online banking and mobile banking was never jeopardised.

Security measures

KBC constantly monitors such attacks, temporarily limiting access to its websites and taking appropriate action where necessary. KBC has always and will always make security a top priority, constantly tracking security issues closely and investing in the most advanced protection available for its systems.

In the unfortunate event of a DDoS attack where e-banking applications are temporarily unavailable, clients can still always contact the KBC Telecenter for highly urgent transactions or conduct them using KBC's ATM services at a nearby KBC Bank branch.

KBC also regularly issues warnings on the login screens of its online applications and gives practical tips to its clients, enabling them to protect themselves as fully as possible in terms of recognising and avoiding malicious or criminal messages and attacks.

The DDoS attack took place on 17 February between 6.45 and 10.30 p.m. and was successfully blocked. The subsequent reconfiguration of our systems on Tuesday caused a number of (minor) after-effects that impacted accessibility to those systems. This resulted in disruptions for some clients between 11.30 a.m. and 3 p.m.