Deutsche Bahn suffered a large-scale DDoS attack, with disruptions lasting two days
German railway company Deutsche Bahn reported a large-scale cyberattack that significantly disrupted the company's digital services. According to the operator, the outage began on the afternoon of 17 February and affected both the website and the DB Navigator mobile app.
The company said that it was a targeted DDoS attack, which occurred in waves and was directed directly at the group's IT infrastructure. As a result of the massive flow of requests, the ticket booking system and timetable information service were disrupted for many hours. According to DB representatives, the scale of the damage is significant.
Claudia Plattner, head of Germany's Federal Office for Information Security, said that during the attack, the company's servers received billions of requests per minute, which led to system overload. A DDoS attack involves sending a large number of requests from different sources, which can paralyse servers.
On the evening of 17 February, Deutsche Bahn reported that the systems had mostly stabilised, but new failures occurred on the morning of 18 February. The company later assured that all services were back to normal and that the protective measures taken had helped minimise the impact on passengers. DB said its priority was to protect customer data and ensure the availability of information and ticket services.
According to sources, the attack lasted several days and was highly coordinated, even being called a digital siege. There has been speculation in the media about the possible involvement of Russian hackers, but there is no official confirmation of this version at this time. The German Interior Ministry said the company is in contact with national cybersecurity authorities.
German security services had previously warned that transport infrastructure was a potential target for cyberattacks and other hybrid threats.
