Dear bunq team,
it's my understanding that the bunq API servers are hosted by AWS (Amazon), which runs many different virtual machines on shared hardware, though in recent years have allowed customers to specify "Dedicated" tendency, to further isolate and protect them selves of the constant trickle of vulnerabilities being discovered, such as Spectre and Meltdown (https://meltdownattack.com/) or more recently, the Foreshadow attach (https://foreshadowattack.eu/).
From having conversations in the past with other Banking companies' engineers, I know that some use AWS but don't deem it necessary to use Dedicated tenancy, despite being a high-value target for hackers.
Where does bunq stand here? Do you use dedicated hardware in AWS for your servers?
From the AWS documentation:
Dedicated Instances are Amazon EC2 instances that run in a virtual private cloud (VPC) on hardware that's dedicated to a single customer. Dedicated Instances that belong to different AWS accounts are physically isolated at the hardware level.
A nice picture of the difference between the options: https://theithollow.com/wp-content/uploads/2017/09/AWSTenancy1.png
Thanks,
Tim