Ukraine’s national railway operator, Ukrzaliznytsia, has fallen victim to a large-scale cyberattack, severely disrupting its online ticket sales and forcing passengers to rely on physical ticket booths. The attack, which began on March 23, has caused significant delays, long queues, and overcrowding at train stations as people struggle to secure their travel arrangements. Despite the disruption to digital services, train schedules have remained unaffected, ensuring that rail transportation across the country continues without major interruptions.
In response to the attack, Ukrzaliznytsia has taken steps to mitigate the inconvenience by deploying additional staff at ticket offices to accommodate the surge in demand. However, the company acknowledged that waiting times remain long and urged passengers not to overcrowd sales points unnecessarily. To ensure that military personnel are not affected by the disruption, they have been granted the option to purchase tickets directly from train conductors. Meanwhile, civilians who had bought their tickets online before the cyberattack are advised to use the PDF copies sent to their email or arrive at the station early to seek assistance from railway officials.
Ukrzaliznytsia confirmed the cyberattack in an official statement across multiple communication platforms, apologizing for the inconvenience caused to passengers. The company emphasized that, despite the challenges, train operations were running smoothly and schedules had not been impacted. Officials noted that prior experience with cyberattacks had helped strengthen the railway’s response mechanisms, allowing it to implement backup protocols that ensured continuity of service.
However, online ticket sales remain unavailable as efforts continue to restore affected systems.
Describing the attack as highly systematic and multi-layered, Ukrzaliznytsia stated that it was working closely with cybersecurity specialists from Ukraine’s Security Service (SBU) and the Government Computer Emergency Response Team (CERT-UA) to identify vulnerabilities and strengthen its defenses. While the company did not specify the origin of the attack, cyber threats targeting Ukrainian infrastructure have been a persistent issue since the start of Russia’s full-scale invasion. Both state agencies and private companies have faced frequent cyber incidents, highlighting the growing challenges in securing critical infrastructure.
Despite the cyberattack, Ukrzaliznytsia remains committed to maintaining uninterrupted rail service. The company reassured passengers that its backup systems were in place to handle such incidents, ensuring that transportation across Ukraine and beyond continues without disruption. However, no specific timeline has been given for when online ticketing services will be fully restored, leaving passengers to rely on in-person ticket purchases for the foreseeable future.