Cyber Incident Victim: Bremen

On February 12, 2025, Bremen’s municipal administration websites experienced a significant cyber incident beginning at approximately 7:15 AM. A denial-of-service attack targeted the Bremen Police website, flooding the servers of the Bremen administration with up to 18,000 requests per minute. This surge in traffic caused a temporary outage of the affected websites, disrupting public access to online services. A Russian hacker group claimed responsibility for the attack, prompting an investigation by the Central Office for Cybersecurity under the Senator for the Interior. The Competence Center CMS and Internet, operating under the Senator for Finance, initiated defensive measures to mitigate the attack. By late morning, the majority of malicious requests had been successfully blocked, restoring partial access to the websites. The intensity of the attack diminished throughout the day, though full resolution and forensic analysis remained ongoing.

Recovery efforts continued into the evening, with all websites fully restored following a pre-scheduled operating system update that caused a separate, planned outage. Authorities had announced this maintenance window in advance to minimize disruptions, emphasizing its necessity for maintaining system security. During both the attack and the maintenance period, citizens retained alternative contact options, including the municipal hotline (115) and the Bremen Police central phone number (0421 362-0). The incident highlighted operational resilience but underscored persistent vulnerabilities, as investigations into the attack’s origin and methods remained active. No data breaches or secondary compromises were reported, though the event amplified existing public concerns about cyber threats to critical infrastructure.