A major cyberattack has caused severe disruptions to several of Europe’s busiest airports, with London Heathrow among the hardest hit. The attack, which began late on Friday, September 19, 2025, targeted electronic check-in and boarding systems supplied by Collins Aerospace, a provider whose software is widely used by airlines across Europe.
Travel chaos ensued over the weekend as airlines were forced to switch to manual check-in and boarding procedures, leading to extended queues, delays, and cancellations. Brussels, Berlin, Dublin, and Cork airports also reported significant impacts, with flight delays and cancellations continuing into Monday.
Details of the Cyberattack and Its Impact
The affected software, known as MUSE, allows multiple airlines to share common check-in desks and boarding gates—a system designed for operational efficiency but with inherent vulnerability in a major cyberattack. RTX, the parent company of Collins Aerospace, acknowledged the “cyber-related disruption” but has not disclosed the nature or attribution of the hack.
Heathrow Airport, the busiest in Europe, confirmed extensive delays for departing passengers on Saturday and Sunday. British Airways managed to continue operations using backup systems, while most other airlines experienced substantial disruption.
Brussels Airport was compelled to cancel roughly half of its departures on Monday to mitigate congestion, following earlier cancellations on Sunday. The airport authority reported 50 out of 257 Sunday flights canceled, a stark increase from the previous day. Berlin’s Brandenburg Airport also reported extended waiting periods and operational slowdowns.
Passengers faced uncertainty about flight schedules, with many stranded in airport terminals for hours. Airlines found themselves scrambling to manage rebookings, food, and accommodation for disrupted travelers, leading to frustration on both sides.
Official Responses and Security Measures
The UK’s National Cyber Security Centre (NCSC) is actively collaborating with Collins Aerospace, the affected UK airports, the Department for Transport, and law enforcement agencies to assess the impact and assist in response efforts.
A spokesperson from the European Commission, which oversees airspace management across the continent, stated they are “closely observing the cyberattack” and working with airlines and airports to restore normal operations. They specified there was no evidence of a “widespread severe” attack affecting the broader European aviation system.
Cybersecurity experts warn that this incident highlights vulnerabilities in the aviation industry’s digital infrastructure. They emphasize that systems relying heavily on a single vendor create a single point of failure, exacerbating the disruption when a cyberattack strikes.
A cybersecurity analyst explained,
“This attack is a prime example of the supply-chain risks facing the aviation industry. Many airports rely on the same third-party systems, which, while efficient, reduce resilience. A single cyberattack on one vendor can escalate into widespread disruptions across multiple airports.”
Ongoing Impact and Recovery Efforts
Though the situation showed signs of improvement in Berlin and Heathrow by Sunday, Brussels continued to cancel flights on Monday, awaiting a secure, updated software version from Collins Aerospace.
The airline industry remains on high alert, managing passenger flows through manual processes and backup procedures, but the disruptions have caused significant logistical challenges, including missed connections and extended passenger wait times.
Airlines have expressed frustration at the prolonged nature of the crisis, which forced them to assume responsibilities of managing disrupted travel plans. Some aviation experts caution that unless backup digital systems are widely implemented, incidents like this “will not be the last.”
One security expert stressed,
“Cybersecurity in aviation is not just an IT issue but an operational safety concern. Physical infrastructure always has redundancy, and the same must apply to digital systems to prevent future outages.”
Broader Concerns Over Aviation Cybersecurity
The incident at Heathrow and other European airports signals growing risks posed by cyber threats to critical infrastructure in transportation. With increasing digitalization, airports and airlines become exposed to vulnerabilities that, if exploited, can have severe ripple effects.
Industry stakeholders are now calling for reassessment of cybersecurity strategies, urging the aviation sector to diversify suppliers and incorporate robust contingency plans to safeguard operations.
Passengers are being advised to check flight statuses carefully and avoid traveling to airports unless flights have been confirmed to reduce overcrowding during ongoing recovery efforts.
This weekend’s cyberattack on European airports, notably Heathrow, has underscored the fragile state of digital infrastructure in aviation. Widespread flight cancellations, long passenger lines, and operational confusion have impacted thousands. While efforts to stabilize the situation continue, the incident serves as a dire warning for the aviation industry to bolster cybersecurity defenses and prepare comprehensive backup measures to protect against future attacks.
