Three weeks after a distributed denial of service (DDoS) attack impacted its online services, Kiwibank is still suffering from outages impacting its customers.
A statement on both the company's Facebook and Twitter accounts said it was aware customers are currently unable to access our app and internet banking.
"We apologise for the disruption and really appreciate your patience while we work to get this sorted. Arohanui."
Other organisations impacted by the DDoS attack, including ANZ Bank, Metservice and NZ Post no longer appear to be having any issues.
Earlier this month Kiwibank had advised customers to keep likely access problems in mind and plan ahead with regards to payments or transfers, pledging to reimburse any customer charged extra because of the cyberattack.
"We will reverse any fees our customers have incurred due to the outages which include phone banking and dishonour fees. Any fees that may have been charged will be refunded."
The latest outage has been met with disappointment by customers on social media, with many suggesting it might be time to find a new bank.
"Well I'll be changing banks soon as I can. So over this bull," wrote one Facebook user.
Others simply want to know why it keeps happening.
"Is there any way that you can give us some kind of explanation about what’s actually happening?" one tweeted.
"It’s all a bit unsettling but might help if you are transparent w us about what you do or don’t know."
Customers across social media were also asking for more visibility of the issue, with no information on the main bank website, leaving some thinking the issue was only with them until they finally checked social media.
Some have reported phone lines are also cutting off as they attempt to contact the bank for updates.
DDoS cyberattacks aim to stop access to computer systems, says CERT NZ, the Government's cybersecurity agency.
"They typically target servers to make websites and payment services unavailable - preventing legitimate users from accessing the online information or services they need," the CERT website says.
It does so by flooding a website with fake requests in order to overload the system. With websites and networks only able to process a certain amount of requests at any one time this causes issues for those trying to access the site.
Generally this means only accessing the services are impacted, with no danger to customers' private information or access to their money.
Kiwibank has been contacted by Newshub for comment.
