Flights at some of Europe’s busiest airports have been disrupted on Saturday following a cyberattack that targeted check-in and boarding systems.
Operations at airports in London, Brussels, and Berlin were among those affected by the disruption to software that rendered automated systems inoperable.
London’s Heathrow Airport said Collins Aerospace, which provides check-in and boarding systems for airlines, faced a technical issue that may cause delays.
RTX Corporation, of which Collins Aerospace is a subsidiary, told Newsweek on Saturday a cyber-related disruption to its MUSE (Multi-User System Environment) software was found at select airports and it was working to resolve the issue.
Why It Matters
The cyberattack affecting American-based company Collins Aerospace has caused delays and cancellations across Europe, affecting millions of air travelers.
The New York Times reported, citing data from FlightAware, that there were 101 delays and five cancellations at Berlin-Brandenburg, 139 delays and seven cancellations at Brussels and 201 delays and 10 cancellations at Heathrow as of early Saturday afternoon.
What To Know
RTX Corporation said there had been a cyber-related disruption to its MUSE software in some airports, but the impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations.
On Friday, Brussels Airport said the cyberattack meant passengers had to be checked in and boarded manually.
Berlin’s Brandenburg Airport also reported longer waiting times due to the issue, while Heathrow Airport warned on Saturday of delays following a cyberattack affecting an electronic check-in and baggage system.
Heathrow Airport advised travelers not to arrive more than three hours before a long-haul flight or two hours before a domestic service. The BBC reported that British Airways is operating as normal using a back-up system, but most other airlines operating from Heathrow had been affected.
Traveler Maria Casey had to spend three hours at baggage check-in at Heathrow’s Terminal 4.
“They had to write our baggage tabs by hand,” she told the Associated Press. “Only two desks were staffed, which is why we were cheesed off.”
Aviation and travel expert Paul Charles told Sky News that the disruption in several European airports was due to a “very clever cyberattack” given the coordinated nature of airports and airlines affected.
Passengers await flight information at Brussels Airport on September 20 following a cyberattack that has impacted European airports.
JORIS SMETS/Getty Images
What People Are Saying
RTX Corporation told Newsweek in a statement on Saturday: “We have become aware of a cyber-related disruption to our MUSE software in select airports. We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible. The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations.”
Heathrow Airport said in a statement: “Collins Aerospace, which provides check-in and boarding systems for several airlines across multiple airports globally, is experiencing a technical issue that may cause delays for departing passengers.”
Travel journalist Simon Calder told Times Radio: “It’s a pretty grim day, I’m afraid, to be an airline passenger.”
Travel analyst Paul Charles told Sky News: “This is a very clever cyberattack indeed because it’s affected a number of airlines and airports at the same time—not just one airport or one airline, but they’ve got into the core system that enables airlines to effectively check in many of their passengers at different desks at different airports around Europe.”
Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, told the AP: “These attacks often strike through the supply chain, exploiting third-party platforms that are used by multiple airlines and airports at once. When one vendor is compromised, the ripple effect can be immediate and far-reaching, causing widespread disruption across borders.”
James Davenport, a professor of information technology at the University of Bath in England, told the AP: “It looks almost more like vandalism than extortion, based on the information we have. I think significant new details would have to emerge to change this view.”
What Happens Next?
There has so far been no public comment about the nature or origin of the cyberattack.
Charles, meanwhile, told Sky News that “there will be deep concerns” about the security vulnerabilities the attack highlighted.
Update 9/20/25, 11:25 a.m. ET: This article has been updated with comment from RTX Corporation.
Update 9/20/25, 12:53 p.m. ET: This article has been updated with additional information.
