"Authorize.net continues to experience a series of large scale distributed denial of service (DDoS) attacks," the company said in a statement on its web site, calling the attacks "unprecedented in their severity and tenacity." The company said the attacks have caused periodic outages for merchants using its service to process credit card payments. Some customers were able to process transactions from existing accounts, but were unable to sign up new accounts.
A series of DDoS attacks in April targeted online payment processing firms Authorize-IT and 2Checkout. Both those attacks were later attributed to extortion schemes in which attackers threatened to knock the firms' web sites offline. Authorize.net's statement included no information about the motivations of the attackers. All three firms are widely used by small web hosting companies and other online merchants who need to accept credit cards but don't have their own merchant account.
Authorize.net said it "employs a number of industry standard hardware and software tools and strategies as a defense against DDoS attacks," but was "implementing additional technology solutions, engaging with industry experts in the area of DDoS attacks and working with law enforcement officials."