Cyberattack on Ukrzaliznytsia: latest news, downtime, system recovery
Due to temporary functionality limitations of Ukrzaliznytsia’s internal networks, employees who cannot fully perform their duties will be transferred to standby mode.
This information was published by the Chairman of the Board of Ukrzaliznytsia, Oleksandr Pertsovskyi, through the internal communication channel for employees, as reported by Rail.insider. The company head noted that IT specialists have been working for four days to restore systems after a large-scale cyberattack.
“The ticket purchase application has already been restored, and the process of its stabilization and full functionality restoration is ongoing. In parallel, teams are working on restoring systems that support freight transportation, internal operational, HR, financial, and other processes. All employee computer equipment is undergoing thorough inspection for malicious software. Under conditions of limited access to IT systems, many administrative workers cannot effectively perform their tasks,” – explained Oleksandr Pertsovskyi.
He added that Ukrzaliznytsia cannot allow “administrative workers in the central office, branches, and regions to simply come to work and look at turned-off monitors.”
“We have decided to introduce a standby mode for employees who temporarily do not have a full workload, with partial payment. This will allow us to preserve company resources, and employees – to use their time more effectively. Such changes in work organization will remain in effect until the complete restoration of corporate IT systems and services,” – noted the Chairman of the Board of Ukrzaliznytsia.
Recall that on the morning of March 23, Ukrzaliznytsia reported a failure in its IT systems, not immediately indicating the causes. Later, Oleksandr Pertsovskyi confirmed that the company had suffered an unprecedented, complex, and multi-level cyberattack on its servers and IT resources. Online services are still experiencing interruptions.
Cybersecurity experts have already provided initial assessments of the scale of the hacker attack on Ukrzaliznytsia.
According to the company, backup infrastructure has now been deployed in a secure environment, and preparation is underway to restart critical systems from backup copies.
Ukrzaliznytsia has also announced temporary changes in freight transportation organization. After the restoration of freight services, document processing will again be carried out in electronic format.
Oleksandr Pertsovskyi also announced that the company is developing compensation measures for passengers.
Partial restoration of services occurred on March 27, but passengers continue to complain about their unstable operation.
The company has also provided instructions for recovering lost tickets.
How to find a previously purchased ticket
- Check your email — there should be a letter from Ukrzaliznytsia with a PDF ticket if you added your email to your profile in the application. Also check the “spam” folder — tickets might have gone there. ⠀
- Haven’t found your ticket? Come to the train at least 20 minutes before departure. The conductor can verify your travel basis with payment confirmation: a record in your banking application or payment receipt.⠀
How to return a previously purchased online ticket
- Fill out the return request. You can return the ticket no later than 1 hour before departure.⠀
If you reserved funds for automatic purchase, but the ticket was not received due to the cyberattack
- Fill out the return request — we will return the money after verification.
Return time depends on your bank and can take up to 30 banking days.
