Early this morning, a coordinated cyberattack knocked out cross-border payment processing across Europe, North America and Asia. Major banks, clearing houses and financial regulators reported widespread outages: routing systems used for correspondent banking — the SWIFT-like rails that move money between institutions — stalled, and real-time settlement platforms backed up as queues grew and staff switched to manual workarounds.
What happened
– Detection came quickly, but the disruption is still unfolding. IT teams at multiple institutions triggered failover procedures while regulators issued emergency alerts. Customers began noticing delayed transfers, and some companies saw payrolls postponed as firms scrambled to ensure next-day liquidity.
– Clearing houses and payment providers limited inbound and outbound cross-border flows to contain the breach, and some critical processing was moved to isolated backup systems. Hotlines were set up to support corporate clients and give firms operational guidance.
Response and investigation
– Incident response teams from affected banks, together with national and international regulators, opened a cross-border investigation. Cybersecurity specialists are isolating compromised nodes and carrying out forensic analysis; investigators say they’ve found encrypted artifacts that point to a sophisticated intrusion vector.
– Regulators convened crisis cells and advised firms to suspend non-essential cross-border settlements and delay large-value transactions where feasible. Several banks activated contingency protocols and began reviewing relationships with third-party vendors.
Ongoing impact and next steps
– Delays and temporary service suspensions persist for some customers, and authorities are closely monitoring liquidity and settlement risks. Market participants have been instructed to follow contingency procedures and report any anomalies immediately.
– Third-party providers are facing targeted audits and contractual reviews. Investigators expect to publish technical findings within 48 hours as they assess data integrity and map recovery timelines, but full restoration will hinge on those checks.
This remains an active incident. Financial institutions and regulators are coordinating internationally to contain the breach, restore normal processing and share technical findings as they become available.