Global payment platform Adyen has confirmed it was the target of a Distributed-Denial-of-Service (DDoS) attack on April 21, 2025, which disrupted services for several customers across Europe. The Adyen cyberattack caused significant delays and failures in processing transactions, highlighting the growing cyber threat of digital attacks on critical financial infrastructure.
The cyberattack on Adyen began at 18:51 CEST on April 21, when Adyen’s internal monitoring systems flagged unusual levels of errors and slow responses across several of its payment services hosted in European data centers. The company’s engineering team swiftly launched an investigation and identified the disruption as a DDoS attack.
Adyen Cyberattack: What Exactly Happened?
A DDoS attack works by beating a system with a flood of traffic, typically from many different sources, making it difficult for genuine requests to be processed. In this case, Adyen reported that the attack came in three distinct waves, each requiring the team to adjust their mitigation strategies in real time.
“At peak, the attack generated millions of requests per minute, originating from a globally distributed and constantly shifting set of IP addresses,” said Tom Adams, CTO, Adyen, in a statement. “This caused saturation of key infrastructure components, which resulted in intermittent availability of some of our services.”
Services Affected in Adyen cyberattack
The Adyen cyberattack specifically targeted the company’s European data centers, which are responsible for handling a large volume of transaction processing and customer-facing applications. The main impact occurred between 18:51 and 19:35 CEST, during which E-commerce and In-Person Payment Transaction processing services experienced intermittent outages and degraded performance.
Additional services affected included:
- Customer Area
- Hosted Onboarding
- Transfer API
Some checkout services, including Session Integrations, Secured Fields, and Pay by Link, remained impacted throughout the entire incident.
This resulted in failed or delayed transactions for a portion of Adyen’s customer base, disrupting normal business operations for those relying on the platform for real-time payments and services.
Adyen’s Response to Cyberattack
The company’s response team quickly activated mitigation protocols, which involved enabling anti-DDoS protections, increasing system capacity, and deploying targeted filtering to identify and block malicious traffic.
“Our teams activated mitigation strategies immediately upon detecting the attack. This included enabling anti-DDoS protections, scaling internal defenses, offloading traffic away from affected services, and deploying targeted filtering rules to block malicious traffic,” the CTO stated in a company statement.
“We actively blocked the most aggressive sources of traffic coming from a wide range of IP addresses.”
Despite these efforts, the evolving nature of the attack, with new waves having different traffic patterns, meant that some services continued to perform below normal standards for several hours.
The incident was officially marked resolved by 03:20 CEST on April 22, nearly nine hours after the Adyen cyberattack began. During this period, Adyen says it kept its customers informed through regular updates on impact and resolution progress.
Commitment to Transparency and Improvement
Adyen’s Chief Technology Officer, Tom Adams, acknowledged the seriousness of the incident and emphasized the company’s commitment to reliability and transparency.
“Reliability is a cornerstone of our business, both for our customers and within our own operations. We take this responsibility seriously, and we deeply regret the disruption this may have caused to your business,” Adams said.
He continued, “Transparency is key, especially when things go wrong. This update outlines what happened, what we’ve done so far, and the actions we are taking to prevent it from happening in the future.”
What’s Next?
Adyen is continuing to monitor its systems for any further attack attempts and is working on a comprehensive post-incident review. This review will include a root cause analysis and outline long-term strategies for preventing similar incidents.
The company has promised to share the findings of this review with its customers to maintain openness and trust.
“We understand how important our platform is to your business, and ensuring the resilience of our platform against future attacks is our ongoing focus,” the company stated.
Conclusion
This cyberattack incident highlights the increasing challenges that digital financial service providers face in ensuring uninterrupted service in the face of evolving cyber threats. DDoS attacks, while not new, are becoming harder to mitigate, especially when they target mission-critical infrastructure like payment gateways.
As businesses and consumers grow more dependent on digital payment systems, the resilience and security of platforms like Adyen become not just a business requirement but a fundamental expectation.
The Cyber Express team has reached out to Adyen for more information regarding the Adyen cyberattack and the precautionary measures being implemented. As of now, no response has been received. We will update this copy as soon as we receive further details.
