A major cyberattack targeting Collins Aerospace, a key provider of check-in and boarding systems, severely disrupted operations at some of Europe’s busiest airports on September 20-21, 2025. This incident affected airlines and passengers at London Heathrow, Brussels, Berlin Brandenburg, and other hubs, leading to flight cancellations, extensive delays, and widespread passenger frustration.
Scope and Impact of the Cyberattack
The cyberattack compromised the MUSE software platform used by Collins Aerospace, owned by RTX Corporation, impacting the electronic check-in and baggage drop systems. While Collins Aerospace described the issue as a “cyber-related disruption,” it confirmed the problem was contained to check-in and boarding functions. Manual check-in processes were implemented to mitigate the effect.
Specifically:
-
London Heathrow Airport faced significant delays and cancellations, but most flights continued operations due to manual workarounds.
-
Brussels Airport saw cancellations for nearly 18% of its scheduled Sunday departures (45 out of 257 flights) and delays ranging from 30 to 90 minutes.
-
Berlin Brandenburg Airport experienced extended waiting times but no large-scale cancellations.
-
Other airports like Dublin and Cork reported minor impacts but maintained more normal operations.
Operational Response and Recovery Efforts
Airport authorities worked through the weekend to stabilize systems. Heathrow and Berlin reported easing delays by Sunday, while Brussels continued managing staff and passenger flows through manual processing. Airlines coordinating with the affected airports reported the gradual resumption of standard operations, although some disruption persisted.
European cybersecurity agencies, including the UK’s National Cyber Security Centre, are investigating the breach. European Commission officials stated there is no evidence of a “widespread or severe attack” beyond this incident.
Broader Cybersecurity Concerns in Aviation
This attack comes amid rising cyber threats targeting critical infrastructure. The aviation sector witnessed a 600% surge in cyberattacks from 2024 to 2025, signaling growing vulnerabilities as air travel increasingly relies on interconnected digital systems.
Flight Disruption Statistics (September 20-21, 2025)
| Airport | Scheduled Flights (Sunday) | Canceled Departures | Canceled Arrivals | Delay Range (minutes) | Notes |
|---|---|---|---|---|---|
| London Heathrow | 651 | 38 | 33 | Minimal | Majority of flights operated manually |
| Brussels Airport | 257 | 45 | N/A | 30 – 90 | Nearly 18% of departures canceled |
| Berlin Brandenburg | 226 | Minimal | Minimal | Moderate | Extended waits, no major cancelations |
| Dublin Airport | N/A | Minor | Minor | Minor | Ongoing support for disruption |
| Cork Airport | N/A | Minor | Minor | Minor | Minor impact |
Conclusion
The cyberattack on Collins Aerospace’s systems disrupted key check-in functions at prominent European airports, causing flight cancellations and delays on a significant scale. Recovery has begun, with airports relying heavily on manual processes to mitigate passenger inconvenience. This incident underscores the fragile nature of digital infrastructure in aviation and the urgent need for strengthened cybersecurity across the sector to safeguard critical systems against future attacks.
Authorities continue investigating the incident’s origin and are recommending enhanced cyber resilience measures to prevent similar disruptions in the increasingly digitized world of air travel.