Germany’s .de domains just disappeared from the internet due to DNS outage

Millions of German websites went dark, and apps stopped working on Tuesday night as Germany’s top-level domain (TLD) .de became unreachable.

For users, websites like Amazon.de became unreachable. German publication Heise.de reports that key services in the country stopped working, including the Deutsche Bahn public transportation app.

DNS resolvers around the globe stopped resolving .de domains due to disruption at DENIC eG, the registry that manages Germany's top-level domain.

Between around 19:15 and 22:30 UTC on May 5th, DNS queries returned the SERVFAIL error code, which means that the DNS resolver couldn’t return a valid answer, Cloudflare Radar data shows.

DENIC quickly acknowledged the issue, citing “a disruption in its DNS service for .de domains.” The registry also said the root cause analysis was still ongoing at the time when all systems were restored.

There was nothing wrong with the websites themselves or even the DNS records.

Cloudflare noted that “apparent DNSSEC problems” were impacting the .de domains. DNSSEC stands for DNS Security Extensions – a security extension that adds cryptographic signatures to existing DNS records so that resolvers can verify the records have not been tampered with.

Some network engineers suspect that a botched security key rotation broke the systems. As users on Hacker News pointed out, the DNS errors indicated malformed signatures, which made resolvers refuse to answer the queries.

“Per DENIC's FAQ, the .de Zone Signing Key rotates every 5 weeks via pre-publish, so this smells like a botched rollover,” one of the users said.

Leonard M. Schmedding, Co-Founder and Chief AI Officer at Everlast AI, calculates that the disruption affected the entire .de zone with 17.7 million domains, just because the Zone Signing Key produced a broken signature record.

“This is the digital infrastructure on which our economy runs,” Schmedding posted on X.

“No hacker attack. No provider problem. A single cryptographic key at a single authority in Frankfurt and half of Germany is offline. 17.7 million domains. A single point of failure,

The disruption prompted Cloudflare’s public DNS service to temporarily switch off DNSSEC validation for all .de domains, to make sites reachable to users while DENIC worked on the fix.

Using non-validating DNS resolvers can serve as a workaround when the websites are unreachable due to DNSSEC errors.
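To confirm that a SERVFAIL like the one described above comes from DNSSEC validation rather than from missing or unreachable DNS data, the same lookup can be sent to a validating resolver twice, once normally and once with the Checking Disabled (CD) header bit set. The Python below is an added example, not code from the article, DENIC or Cloudflare; the function names, the `resolver_ip` parameter and the sample reply bytes are constructed for illustration.

```python
import secrets
import socket
import struct

RD, CD = 0x0100, 0x0010   # Recursion Desired; Checking Disabled (RFC 4035)
NOERROR, SERVFAIL = 0, 2

def build_query(name, checking_disabled=False, txid=None):
    """Build a DNS A-record query, optionally with the CD bit set."""
    txid = secrets.randbits(16) if txid is None else txid
    flags = RD | (CD if checking_disabled else 0)
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def rcode_of(response):
    """Return the RCODE (low 4 bits of the header flags word)."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    return struct.unpack("!H", response[2:4])[0] & 0x000F

def classify(rcode_validating, rcode_cd):
    """Compare one lookup done with validation and again with CD set."""
    if rcode_validating == NOERROR:
        return "ok"
    if rcode_validating == SERVFAIL and rcode_cd == NOERROR:
        return "dnssec-validation-failure"   # data exists, signatures rejected
    if rcode_validating == SERVFAIL and rcode_cd == SERVFAIL:
        return "resolution-failure"          # broken even without validation
    return "other"

def probe(name, resolver_ip, timeout=3.0):
    """Query a validating resolver twice over UDP and classify the result."""
    rcodes = []
    for cd in (False, True):
        query = build_query(name, checking_disabled=cd)
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.settimeout(timeout)
            sock.sendto(query, (resolver_ip, 53))
            reply = sock.recvfrom(4096)[0]
        if reply[:2] != query[:2]:
            raise ValueError("transaction ID mismatch")
        rcodes.append(rcode_of(reply))
    return classify(*rcodes)

# Constructed header-only replies (QR|RD|RA set), not captured traffic.
SAMPLE_VALIDATING = struct.pack("!HHHHHH", 0x1234, 0x8182, 0, 0, 0, 0)  # SERVFAIL
SAMPLE_CD = struct.pack("!HHHHHH", 0x1234, 0x8190, 0, 0, 0, 0)          # NOERROR, CD
```

A `dnssec-validation-failure` result means the records are being served but their signatures do not verify, and any answer obtained with CD set is unauthenticated.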
