Home / News

Ukraine’s Leading Mobile Operator Struck by War’s Largest Cyberattack

Ukraine’s largest mobile company Kyivstar. Photo: Olek / Adobe Stock

In the largest cyberattack since Russia’s invasion in February 2022, Ukraine’s leading mobile network operator, Kyivstar, faced severe disruptions.

The attack, which targeted over half of Ukraine’s population, resulted in service outages and damage to IT infrastructure, critically impairing the delivery of air raid warnings. Kyivstar’s CEO linked the attack directly to the ongoing war with Russia. Services were expected to be restored by Wednesday, with fixed-line services already partially reinstated.

Suspected state-sponsored attack: Ukraine’s cyber defense sources suspect Russia as the perpetrator, characterizing the attack as state-sponsored and aimed at destruction rather than financial gain.

The assault on Kyivstar is believed to be designed to create chaos, potentially linked to Ukrainian President Zelenskiy’s visit to the U.S. The attack impacted over 75 settlements in the Kyiv region, disrupting air raid alert systems and forcing reliance on loudspeaker announcements.

In response, Kyiv residents turned to alternative network providers for connectivity.

Broader impact and responses: The cyberattack’s impact extended beyond Kyivstar, affecting major Ukrainian financial institutions like Monobank, PrivatBank, and Oschadbank, with reports of ATM and card terminal disruptions.

Kyivstar, part of the Amsterdam-listed Veon, is collaborating with law enforcement in their investigations. While the financial ramifications remain unclear, this incident adds to a series of alleged Russian cyberattacks against Ukraine, including a significant disruption at the start of the war impacting satellite internet modems across Europe.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign


Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC


Sponsored byVerisign