German state-owned rail operator Deutsche Bahn (DB) suffered a massive DDoS cyberattack, which caused serious disruptions to its bahn.de website and the popular DB Navigator mobile app. The company officially announced the attack on February 18.
The attack began around midday on Tuesday, February 17, and occurred in waves. Users across the country were unable to access up-to-date schedule information, check train status, or purchase or download tickets online. The problems partially resolved by Tuesday evening, but resumed on the morning of February 18, leading to new passenger complaints.
Deutsche Bahn emphasized:
The scale of the attack was “significant.”
The attack was specifically targeted at DB.
Security mechanisms were effective, minimizing damage to customers.
Critical train control systems and traffic safety were not affected.
Customer data was not compromised or stolen.
“We are in constant contact with cybersecurity authorities,” the company stated. The perpetrators of the attack have not been officially identified, but experts and media outlets note that the number of similar DDoS attacks on DB has increased sharply since the outbreak of the war in Ukraine. Some sources directly point to the possible involvement of Russian hacker groups.
This is not the first such incident in recent years – Deutsche Bahn regularly becomes the target of cyberattacks amid geopolitical tensions. The company promises to strengthen the security of its digital services in the coming months.