German rail operator says planned GSM-R swap likely triggered nationwide outage

Official explanation

Deutsche Bahn’s infrastructure unit says a planned technical change in its rail communications system is now the leading explanation for the nationwide outage that brought train traffic across Germany to a standstill on June 24.

According to reporting on a letter from DB InfraGO to the federal government, the company believes a planned replacement of a core GSM-R component likely triggered the disruption. GSM-R is the digital radio system used for operational communication across Germany’s rail network.

The same reporting says the backup network did not take over automatically right away. Operators first had to rule out a cyberattack before switching over manually, which delayed recovery.

How the disruption unfolded

The rail standstill began around 22:00 UTC on June 24, when train traffic across the country reportedly stopped under safety procedures after the communications failure. The system-wide halt affected both passenger and freight services.

AP reported earlier in the day that Deutsche Bahn described the incident as scheduled maintenance on a central communications component that triggered an automatic safety stop. Later reporting from The Guardian and WELT said the problem likely involved a scheduled replacement of an ageing or core GSM-R component.

Service began resuming around 00:30 UTC, according to the timeline in the research packet. That put the outage at roughly two hours before trains started moving again.

Why the backup did not help immediately

The most sensitive part of the explanation is the failover delay. WELT reported that the backup network was not activated automatically because staff first had to exclude a cyberattack.

That detail matters in a safety-critical rail system, where operators can only restore service once they are confident the failure is not part of a broader attack or another undefined risk. The research packet says the security mechanisms stopped trains in a controlled way and that no passengers or staff were endangered.

Authorities and the company did not see strong evidence of sabotage or a cyberattack, but the technical investigation is still ongoing. The exact component involved has not yet been identified publicly.

Pressure on Deutsche Bahn

The outage has put fresh pressure on Deutsche Bahn and DB InfraGO over redundancy, crisis management and the resilience of legacy rail systems.

Regional transport officials in Brandenburg and Bavaria were quoted calling for full clarification and a better emergency concept. Their comments reflect a broader concern that a nationwide rail network should not depend so heavily on a single communications chain or on a slow manual failover process.

WELT also reported that the Federal Office for Information Security and the domestic intelligence service were involved early in the response. That shows how seriously the episode was treated, even though the available reporting points away from sabotage.

What remains open

The current explanation is still provisional. Investigators have not publicly said whether the decisive problem was hardware, software or a procedure connected with the replacement work.

It is also not yet clear whether the delay in activating the emergency network was caused by the system design itself, by operator procedure or by the security checks that had to be completed first.

For passengers and freight operators, the immediate impact was already severe: a nationwide standstill, then a gradual return to service later that night. The next step is the formal technical investigation into how a planned GSM-R swap led to such a broad disruption and why the backup path did not take over sooner.