Russia’s state-owned railway, RZD, confirmed it was the target of a cyberattack that disrupted its website and mobile application. The attack, identified as a distributed denial-of-service (DDoS) incident, flooded the digital platforms with junk traffic, causing outages. Despite the disruptions, ticket sales continued at physical offices across stations and terminals. RZD is working to restore the functionality of its online services, though it did not provide details on the scale or timeline.
The attack on RZD’s digital platforms came just days after a similar incident affected Moscow’s subway system on Monday. Both incidents are part of a larger pattern of disruptions involving Russian transportation agencies. As of the latest reports, the outage monitoring site Downdetector showed ongoing issues with RZD’s app and website, with Russian users unable to load the services or purchase tickets online. The cause of the attack remains unknown, leaving the public in uncertainty.
This attack on RZD follows a series of disruptions targeting transportation systems in Russia and Ukraine. Ukrainian officials reported a cyberattack on Ukrzaliznytsia, the national railway operator, involving sophisticated malware specifically designed to target the railway’s infrastructure. Although this attack disrupted the Ukrainian railway’s mobile app and website, it did not affect train schedules. Cybersecurity experts noted the significant preparation and resources required for such an attack, highlighting the increasing sophistication of cyberattacks on critical infrastructure.
RZD had faced previous cyberattacks earlier in the year, including a data breach claimed by the pro-Ukrainian hacker group CyberSec. The group leaked sensitive information from RZD’s corporate portal, including personal data of employees, such as names, phone numbers, and vacation dates for 2025. RZD has yet to comment on this data leak. The repeated cyber incidents underscore the vulnerability of transportation infrastructure to cyberattacks, which continue to disrupt services.
Reference:
