A European Airports Cyberattack on check-in and boarding systems disrupted operations at several of Europe’s busiest airports on Saturday, causing delays, cancellations, and passenger frustration. The attack targeted Collins Aerospace’s technology, which powers self-service kiosks for printing boarding passes, bag tags, and baggage drop-offs.
Airports including Brussels, Berlin Brandenburg, and London Heathrow were affected, forcing manual check-in procedures. Other airports reported no impact. Collins, a subsidiary of RTX Corp., confirmed a “cyber-related disruption” to its MUSE (Multi-User System Environment) software at select locations.
Systems Disrupted, Flights Delayed
The European Airports Cyberattack began on Friday evening, September 19, when Collins detected suspicious activity. Brussels Airport initially reported a “large impact” on flight schedules, noting nine flights were canceled, four redirected, and more than a dozen delayed by at least an hour.
At Berlin Brandenburg Airport, operators quickly disconnected from affected systems to contain the breach. By late morning, officials reported no flight cancellations directly tied to the disruption, but warned the situation could change.
London’s Heathrow Airport, Europe’s busiest hub, described the impact as “minimal.” While officials declined to specify the number of delayed flights, they confirmed that no cancellations were directly linked to the European Airports Cyberattack.
Collins said it was “actively working to restore full functionality” and emphasized that the disruption was limited to electronic check-in and baggage systems, which could be mitigated through manual processing.
Aviation Industry Faces Growing Cyber Risks
Cybersecurity experts described the European Airports Cyberattack as highly coordinated and concerning. Paul Charles, a travel analyst, called it “a very clever cyberattack” because it affected multiple airlines and airports simultaneously through a shared platform.
Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, noted that aviation has become an attractive target for cybercriminals due to its reliance on third-party digital systems. “When one vendor is compromised, the ripple effect can be immediate and far-reaching,” she said.
Passengers at affected airports faced long waits and reduced staffing at counters. At Heathrow Terminal 4, traveler Maria Casey said she spent three hours checking in for a flight to Thailand. “They had to write our baggage tags by hand,” she said, adding that only two desks were staffed during the disruption.
Experts said it remains unclear whether the incident was caused by hackers, organized cybercriminals, or other actors. Early analysis suggested it may have been an act of digital vandalism rather than an extortion attempt.
James Davenport, professor of information technology at the University of Bath, said the nature of the European Airports Cyberattack pointed more to disruption than financial motives. “Significant new details would have to emerge to change this view,” he explained.
A Contained Incident, but Ongoing Concerns
By Saturday afternoon, most disruptions appeared to be contained. Airports advised travelers to monitor flight status updates and apologized for the inconvenience.
Still, the European Airports Cyberattack highlighted the vulnerabilities of global air travel infrastructure, particularly its dependence on interconnected digital systems provided by third-party vendors.
Industry analysts warned that without stronger safeguards, similar disruptions could resurface. “The aviation sector is heavily reliant on supply chain platforms,” Wilson said. “Attacks like this are a reminder that resilience and layered defenses are critical to protecting passengers and operations.”
As operations gradually returned to normal, officials stressed that investigations are ongoing. Collins Aerospace continues efforts to restore full system stability and is working closely with affected airports to ensure passengers face minimal further disruption.
