A powerful cyberattack has knocked out key digital services for Russian Railways (RZD), causing widespread disruption across the company’s online platforms.
On April 1, the state-owned railway operator confirmed that both its website and mobile application were the target of a massive Distributed Denial-of-Service (DDoS) attack, which overwhelmed servers and left digital services inaccessible for hours.
Despite the outage, ticket offices and terminals at stations remained operational.
This was reported by United24 Media.
By 12:26 PM Moscow time, the company’s website was still down, displaying a 504 gateway timeout error to visitors.
Downdetector, a service that tracks real-time outages, registered over 1,200 user complaints in just one hour—most citing trouble with the website and app.
This isn't the first time RZD has faced such an incident. A similar DDoS attack in July 2024 temporarily disabled the company’s online services, though they were restored within hours.
Wider Pattern of Transport-Targeted Cyberattacks
The timing of the attack raises eyebrows. Just a day earlier, the Moscow Metro reported its own technical issues, with users encountering a bizarre message referencing Ukrainian Railways (Ukrzaliznytsia). City officials attributed the Metro disruption to maintenance, but the odd messaging pointed to potential cyber interference.
On March 23, Ukrzaliznytsia’s digital infrastructure suffered a major cyberattack, allegedly orchestrated by Russia, that took down ticketing services nationwide. In response, Ukraine opened additional physical ticket counters, especially in Kyiv, and began migrating its digital platform to stabilize services.
By March 29, Ukraine’s railway company reported that online ticketing had returned to stable operation, though technical glitches lingered due to high demand.
No group has claimed responsibility for the attack on RZD.