Deutsche Bahn has been suffering from continuing IT disruptions caused by a significant Distributed Denial of Service (DDoS) cyberattack that began on Tuesday, 18 February 2026 around midday. The attack, targeting Deutsche Bahn systems in waves, has led to problems with connection searches, ticket display, and completing bookings on both the Bahn-App ‘DB Navigator’ and the website bahn.de. Initially, Deutsche Bahn had indicated the issues were resolving, but later revoked that assurance and confirmed severe ongoing impacts. Deutsche Bahn is working closely with federal authorities but has declined to comment on the attack’s origins, emphasizing customer data protection and system availability as top priorities. The head of Germany’s Federal Office for Information Security (BSI) described the incident as an unusually large-scale attack generating billions of requests per minute, highlighting the unprecedented dimension of the DDoS assault. The Federal Ministry of the Interior refrained from commenting on investigation status, citing the very early phase of inquiry.
Category: Cyber & Information Warfare
Subcategory: Cyber Attacks
Incident Type: Attacks on critical infrastructure (energy, transport, hospitals)
Country: Germany
Source report: www.tagesschau.de/inland/ge…
