A cyberattack targeting Ukraine’s national railway operator, Ukrzaliznytsia, disrupted online ticket services and caused long lines at Kyiv’s central railway station. While passengers were forced to buy physical tickets, train operations were unaffected, and the railway maintained its schedule. The attack, which occurred on March 24, 2025, led to overcrowding and delays, with many travelers unable to purchase tickets through the mobile app or website.
Ukrzaliznytsia confirmed the cyberattack, which disrupted ticketing systems but not the train schedule.
The railway operator assured the public that it had activated backup systems and was working with cybersecurity experts to resolve the incident. Despite the inconvenience, the company emphasized its ability to continue operations, citing years of experience handling similar attacks on its infrastructure.
The attack is being investigated with the support of Ukraine’s cybersecurity agencies, but no specific group has been blamed. In the past, Russia-linked hackers have targeted Ukraine’s critical infrastructure, including telecommunication services and government databases. The railway’s critical role in evacuating civilians, transporting aid, and exporting goods underscores the importance of protecting such infrastructure from cyber threats.
Passengers at the station voiced their frustration over the situation, which forced them to wait in long lines.
However, Ukrzaliznytsia took measures to alleviate the impact by increasing staff at ticket counters and allowing military personnel to purchase tickets onboard. The company continues to restore the affected systems and implement additional security measures to prevent future attacks.
Reference:
