Ukraine’s State Railway Ukrzaliznytsia Hit by Major Cyberattack

On March 23, Ukraine’s state railway company, Ukrzaliznytsia, experienced a large-scale, targeted cyberattack that disrupted its online systems.

According to official statements, while digital ticketing services remain offline, all train operations continue without delays.

Ukrzaliznytsia, the country’s national railway operator, is a key component of Ukraine’s civilian and logistics infrastructure, providing critical passenger and cargo transportation across the country and to international destinations.

The company reported that the attack was “highly systematic, non-trivial, and multilayered,” requiring a full system audit before services can be safely restored from backups. Ukrzaliznytsia is currently working in coordination with Ukraine’s Security Service (SBU) cyber department and external partners to assess and resolve system vulnerabilities.

Despite the disruption to its IT infrastructure, the railway has continued operating normally by switching to backup protocols. “The enemy failed to achieve its primary goal—train traffic is stable, and all operational processes are functioning in reserve mode,” the company said in a statement.

Online ticket purchases are temporarily unavailable. Passengers are being asked to buy tickets at railway stations, where additional staff and extended working hours have been introduced. For international travel, in-person ticket sales have been activated for March 24 and 25—a process that is normally handled online.

Travelers unable to purchase tickets in advance are advised to board their scheduled trains directly, where conductors will process tickets on-site. However, Ukrzaliznytsia notes that seat availability may be limited in certain classes.

Ukrzaliznytsia has a history of being targeted by cyberattacks, and in response, has implemented contingency protocols that allow operations to continue even during technical disruptions. Officials confirmed that restoration work is ongoing and updates on the return of online services will be announced once available.

Earlier, in December 2024, Russian hackers launched a major cyberattack on Ukraine’s state registries, temporarily disabling systems within the Ministry of Justice. According to Deputy Prime Minister Olha Stefanishyna, the attack—described as the most severe on state infrastructure in recent memory—targeted key databases, including civil status records and property registries. Restoration was estimated to take up to two weeks.