Adyen Hit by Major DDoS Attack Disrupting Payments Across Europe

Article Highlights
Off On

On April 21, 2025, Adyen, a global payment platform, faced a major disruption due to a significant Distributed-Denial-of-Service (DDoS) attack, affecting numerous customers across Europe. This incident underscored the growing threat and sophistication of cyberattacks targeting financial infrastructure. The attack resulted in widespread delays and transaction failures at crucial moments, highlighting the importance of robust cybersecurity measures.

Attack Overview and Immediate Impact

The cyberattack began at 18:51 CEST when Adyen’s internal monitoring systems detected an unusual surge of errors and sluggish response times in various payment services hosted in European data centers. A swift investigation by the company’s engineering team revealed that the issue was a DDoS attack, which overwhelmed the system with excessive traffic from multiple sources, making it nearly impossible to process legitimate requests efficiently. The peak of the assault saw millions of requests per minute targeting vital infrastructure components, leading to intermittent service availability. Notably, the most significant disruptions occurred between 18:51 and 19:35 CEST.

The attack unfolded in three distinctive waves, each wave forcing the engineering team to adjust their mitigation strategies. With each wave, the attack generated traffic from a globally distributed and continuously changing set of IP addresses. This overwhelming influx caused saturation of key infrastructure components, leading to intermittent availability of some services. E-commerce and In-Person Payment Transaction services were particularly affected, experiencing sporadic outages and degraded performance. The immediate impact of the attack highlighted the persistent and escalating cyber threats facing digital financial service providers.

Affected Services and Customer Impact

Several core services were significantly impacted, especially the European data centers that handle a substantial volume of transactions and customer-facing applications. In addition to E-commerce and In-Person Payment transactions, other disrupted services included the Customer Area, Hosted Onboarding, and Transfer API functions. Certain checkout services, such as Session Integrations, Secured Fields, and Pay by Link, also experienced prolonged disruptions throughout the incident. Consequently, many of Adyen’s customers encountered failed or delayed transactions, complicating regular business operations that depend on real-time payments. The widespread service disruptions underscored the criticality of securing payment infrastructure against such sophisticated cyberattacks.

Many merchants and businesses relying on Adyen’s payment platform faced immediate challenges as transactions failed or were delayed. The impact of the attack was particularly felt by businesses operating during peak hours. The failure of real-time payments disrupted normal operations and led to customer dissatisfaction. In an increasingly digital economy, the reliability of payment systems is paramount, and the incident highlighted the vulnerabilities that even major platforms like Adyen face.

Response and Mitigation Efforts

In response to the cyberattack, Adyen’s dedicated engineering team swiftly activated mitigation protocols. These included enabling anti-DDoS protections, scaling up system capacity, and deploying targeted filtering measures to identify and thwart malicious traffic. Despite these efforts, the dynamic nature of the attack, with new waves exhibiting different traffic patterns, posed continuous challenges. Some services continued to experience degraded performance for several hours before the situation was fully resolved. The incident was declared resolved at 03:20 CEST on April 22, nearly nine hours after the attack had commenced. Adyen maintained transparency throughout the incident by providing regular updates to its customers on the impact and progress toward resolution. This proactive communication helped maintain customer trust during a challenging period. Despite the setbacks, the company’s swift response and coordinated efforts underscored a commitment to minimizing disruption and restoring normal service levels as quickly as possible. The incident highlighted the importance of having robust and dynamic response strategies to address the evolving nature of cyberattacks.

Communication and Transparency

Throughout the incident, Adyen maintained a high level of transparency by keeping its customers informed through regular updates about the ongoing efforts and the service status. Chief Technology Officer Tom Adams acknowledged the severity of the incident and emphasized the company’s commitment to reliability and customer communication. He expressed regret for the disruptions caused to customers’ businesses and reassured them that Adyen is actively monitoring for further threats. Adams emphasized the importance of transparency in addressing such issues and highlighted the company’s dedication to conducting a comprehensive incident review.

Adams reaffirmed the company’s commitment to reliability, stating that it is paramount to Adyen’s operations. He outlined plans to continue monitoring for further attack attempts and to conduct a thorough post-incident review. This review will include a detailed root cause analysis and the development of long-term strategies to prevent similar incidents in the future. Adyen has promised to share the findings of this review with customers to maintain openness and trust. The company’s proactive stance and commitment to transparency demonstrate a focus on rebuilding customer trust and ensuring the reliability of its services.

Long-Term Strategies and Future Prevention

Adyen has committed to a thorough post-attack review focused on identifying the root causes of the incident and developing long-term strategies to prevent similar occurrences. The company plans to implement enhanced security measures based on the findings of this review, aiming to bolster system resilience against emerging and evolving cyber threats. By continually improving its defenses, Adyen aims to ensure the reliability and security of its payment services and meet the growing expectations of security in the digital age. The company has also stressed the importance of sharing the review findings with customers to reinforce transparency and trust. This initiative is part of Adyen’s broader commitment to maintaining open communication and collaboration with its client base. As part of the long-term strategy, Adyen will prioritize investments in advanced cybersecurity technologies and employ continuous monitoring practices to detect and mitigate potential threats proactively. The goal is to stay ahead of cybercriminals and ensure that the company’s infrastructure remains robust and secure.

Broader Implications and Industry Challenges

On April 21, 2025, Adyen, a well-known global payment platform, encountered a major disruption caused by a significant Distributed-Denial-of-Service (DDoS) attack. This cyberattack had widespread consequences, severely impacting numerous customers throughout Europe. As a result, there were extensive delays and transaction failures, which occurred during critical times. This incident highlighted the escalating threat and increasing sophistication of cyberattacks aimed at financial infrastructures. The situation underscored the urgent necessity for businesses to implement robust cybersecurity measures to safeguard against such events. Cybersecurity has become an integral part of maintaining the integrity and functionality of financial systems, given the potential for such attacks to disrupt essential services and cause considerable economic loss. Proactive measures, continuous monitoring, and the adoption of advanced security protocols are imperative to counteract the evolving tactics of cybercriminals. This event serves as a potent reminder of the vulnerability of even the most advanced systems and the importance of remaining vigilant in an age where digital threats are constantly evolving.

Explore more

Why Are Small Businesses Losing Confidence in Marketing?

In the ever-evolving landscape of commerce, small and mid-sized businesses (SMBs) globally are grappling with a perplexing challenge: despite pouring more time, energy, and resources into marketing, their confidence in achieving impactful results is waning, and recent findings reveal a stark reality where only a fraction of these businesses feel assured about their strategies. Many struggle to measure success or

How Are AI Agents Revolutionizing Chatbot Marketing?

In an era where digital interaction shapes customer expectations, Artificial Intelligence (AI) is fundamentally altering the landscape of chatbot marketing with unprecedented advancements. Once limited to answering basic queries through rigid scripts, chatbots have evolved into sophisticated AI agents capable of managing intricate workflows and delivering seamless engagement. Innovations like Silverback AI Chatbot’s updated framework exemplify this transformation, pushing the

How Does Klaviyo Lead AI-Driven B2C Marketing in 2025?

In today’s rapidly shifting landscape of business-to-consumer (B2C) marketing, artificial intelligence (AI) has emerged as a pivotal force, reshaping how brands forge connections with their audiences. At the forefront of this transformation stands Klaviyo, a marketing platform that has solidified its reputation as an industry pioneer. By harnessing sophisticated AI technologies, Klaviyo enables companies to craft highly personalized customer experiences,

How Does Azure’s Trusted Launch Upgrade Enhance Security?

In an era where cyber threats are becoming increasingly sophisticated, businesses running workloads in the cloud face constant challenges in safeguarding their virtual environments from advanced attacks like bootkits and firmware exploits. A significant step forward in addressing these concerns has emerged with a recent update from Microsoft, introducing in-place upgrades for a key security feature on Azure Virtual Machines

How Does Digi Power X Lead with ARMS 200 AI Data Centers?

In an era where artificial intelligence is reshaping industries at an unprecedented pace, the demand for robust, reliable, and scalable data center infrastructure has never been higher, and Digi Power X is stepping up to meet this challenge head-on with innovative solutions. This NASDAQ-listed energy infrastructure company, under the ticker DGXX, recently made headlines with a groundbreaking achievement through its