A cyber attack on a check-in and boarding systems provider disrupted operations at major European airports, including the continent’s busiest, Heathrow Airport, causing flight delays and cancellations.
Collins Aerospace, the developer of MUSE (Multi-User System Environment) software used in flight operations, said it had suffered a “cyber-related disruption” that affected several airports across the continent.
European airports hit by a cyber attack
While Collins Aerospace withheld the names of the affected airports, Heathrow Airport, Berlin Airport, Dublin Airport, and Cork Airport confirmed they were affected.
“Due to a technical issue at a system provider operating across Europe, there are longer waiting times at check-in. We are working on a quick solution,” Berlin Airport stated.
Berlin’s Brandenburg Airport also reported delays stemming from the cyber attack, while Brussels Airport resorted to manual boarding with most outgoing flights delayed.
“There was a cyberattack on Friday night 19 September against the service provider for the check-in and boarding systems affecting several European airports including Brussels Airport,” Brussels Airport said in a statement.
It also asked other European airports to cancel half of their departing flights to avoid long delays and potential cancellations.
Impact of cyber attack limited
However, Heathrow Airport said that “the vast majority of flights have continued to operate.” Nevertheless, it advised passengers to confirm with their airlines whether their flights would be affected.
Meanwhile, Collins Aerospace’s parent company, RTX, said the cyber attack had limited impacts on electronic customer check-in and baggage drop, which could be mitigated by switching to manual operations. Some airports had to tag baggage by hand, thereby slowing down the boarding process due to staff shortages.
Authorities also downplayed the impacts of the cyber attack, stating that the incident had not severely impacted European airports. The European Commission spokesperson also disclosed that an investigation was underway to determine the nature of the cyber attack.
The commission added that it was “closely monitoring the cyber-attack” and was working with impacted European airports to restore operations and support passengers. It also confirmed that the cyber attack did not compromise air travel safety.
Similarly, the U.K.’s National Cyber Security Centre is working with other law enforcement agencies and the software provider to investigate the cyber attack. The country’s Transport Secretary Heidi Alexander was also getting regular updates and monitoring the situation.
“I’m aware of an incident affecting airline check-in and boarding, impacting flights at Heathrow and other European airports,” said Alexander. “I’m getting regular updates and monitoring the situation. If you’re flying at Heathrow today, check with your airline before travelling.”
So far, the threat actor behind the cyber attack remains unknown, and no group has claimed responsibility. However, financially motivated hackers or state-sponsored threat actors were likely involved. Similarly, the motive of the cyber attack remains undisclosed, and RTX has not disclosed receiving any ransom demands.
Meanwhile, the cyber attack has raised concerns about multiple European airports depending on a single software supplier in the current geopolitical climate.
Airports, as part of critical infrastructure, have become lucrative targets for cybercriminals due to the vast amounts of personal information they hold and the impacts of disruption.

