A significant cyberattack on September 19, 2025, targeted check-in and boarding systems at several major European airports, leading to widespread flight delays and cancellations. The attack affected automated systems provided by Collins Aerospace, a subsidiary of RTX Corporation, prompting airports to revert to manual operations.
🛫 Affected Airports and Impact
The cyberattack disrupted operations at major European airports, including London Heathrow, Brussels, and Berlin Brandenburg. At Brussels Airport, approximately 10 flights were canceled, 15 were delayed by over an hour, and four were diverted. Berlin Brandenburg Airport reported longer check-in times due to technical issues with a system provider. London Heathrow experienced minimal disruption, with no flight cancellations directly linked to the cyberattack. However, passengers were advised to check their flight status before traveling, as delays were possible.
🧳 Cause of the Disruption
The disruption was traced to a cyber-related issue with Collins Aerospace’s MUSE (Multi-User System Environment) software, which supports self-check-in, boarding passes, and baggage tags. The company confirmed the cyberattack and stated that the impact was limited to electronic customer check-in and baggage drop, which could be mitigated with manual check-in operations. Collins Aerospace is actively working to restore full functionality to its systems.
🛠️ Response and Mitigation
Airports affected by the cyberattack implemented manual check-in and boarding procedures to minimize disruption. Passengers were advised to check their flight status with their respective airlines before arriving at the airport. Airlines such as Air India issued travel advisories, informing passengers of potential delays due to the disruption and recommending completing web check-in before arriving at the airport.
🔐 Implications for Airport Cybersecurity
This incident underscores the vulnerability of critical infrastructure to cyberattacks. The aviation industry relies heavily on automated systems for efficient operations, and disruptions can have significant impacts on flight schedules and passenger experience. The cyberattack highlights the need for robust cybersecurity measures and contingency plans to ensure the resilience of airport operations against such threats.
As of now, the full restoration of automated systems at the affected airports is underway. Passengers are encouraged to stay informed about their flight status and to allow extra time for check-in and security procedures. The aviation industry and cybersecurity experts will likely conduct thorough investigations to understand the scope of the attack and to implement measures to prevent future incidents.