Deutsche Bahn DDoS Confirmed: Cyberattack Hits German Rail IT Systems, Disrupts Services

Written by: Lore Apostol, Cybersecurity Writer
Key Takeaways
  • DDoS Attack Confirmed: German rail operator Deutsche Bahn confirmed a Distributed Denial of Service (DDoS) attack targeted its IT systems, causing widespread disruptions.
  • Service Impact: The cyberattack led to outages in ticketing and schedule information on both the company's website and its Navigator app.
  • Recurring Threat: This incident follows a pattern of recent attacks on German transport infrastructure, raising concerns about cybersecurity in the transportation sector.

Deutsche Bahn, Germany's national rail operator, announced on Wednesday that a significant cyberattack had disrupted its digital services. The company reported that its IT infrastructure was targeted by a Distributed Denial of Service (DDoS) attack around midday on Tuesday.

As a result, passengers experienced failures in booking tools and travel information services on both the website and the DB Navigator app. While the company stated that defensive measures were deployed to minimize the impact, some disruptions persisted into Wednesday morning.

Impact on Rail Services

The DDoS attack on German rail primarily affected customer-facing digital interfaces rather than train operations themselves. However, the inability to access real-time schedules or purchase tickets created significant inconvenience for travelers. 

Deutsche Bahn emphasized that, while the attack was considerable and occurred in waves, its top priority remained protecting customer data. The operator assured the public that systems were largely stabilized by Tuesday evening, though intermittent issues continued. 

An Interior Ministry spokeswoman confirmed that the company is in contact with federal cybersecurity authorities regarding the incident.

Rising Concerns About Cybersecurity in Transportation

German security agencies have previously warned that transport networks are prime targets for both cyber and physical attacks, particularly amidst heightened geopolitical tensions. The rail operator has faced a string of incidents recently, including physical sabotage of cables last year. 

Authorities continue to investigate the attack's source, though Deutsche Bahn has declined to comment on speculation about specific perpetrators.

Recently, German authorities announced the identification of a Russian national as the Black Basta ringleader and contributed to a global operation that disrupted the RedVDS Cybercrime-as-a-Service infrastructure. 

A November cybersecurity report revealed that Russia-aligned RomCom used SocGholish to deploy Mythic Agent on Ukraine supporters in a new campaign linked to GRU Unit 29155. One month later, the German Parliament allegedly experienced an email outage during U.S.-Ukraine talks, fueling suspicions of a cyberattack.

In March 2025, the Ukrainian Railways were also hit by a large-scale cyberattack, but operations remained stable.

