LONDON (BN24) — A cyberattack targeting the check-in and boarding systems at several major European airports disrupted air traffic on Saturday, highlighting vulnerabilities in the aviation sector’s digital infrastructure.
Brussels Airport first reported a “large impact” on flight schedules following the Friday night attack, which affected systems used by multiple airports across Europe, including Berlin’s Brandenburg Airport and London’s Heathrow. The disruption left airports temporarily reliant on manual check-in and baggage procedures, causing delays but relatively few cancellations.
The affected systems are operated by Collins Aerospace, a subsidiary of RTX Corp. (formerly Raytheon Technologies), whose MUSE (Multi-User System Environment) platform enables self-service check-ins, boarding pass printing, and baggage dispatch. Collins confirmed a “cyber-related disruption” and said it was working to restore full functionality, emphasizing that the issue was confined to electronic check-in systems.
Although no group has claimed responsibility for the breach, cybersecurity experts said the attack may have originated from criminal networks, hacker collectives, or even state-sponsored actors. They warned that the aviation industry has become an increasingly attractive target due to its dependence on interconnected digital platforms.
Paul Charles, a veteran travel analyst, described the breach as “deeply worrying,” noting it targeted the core system used by multiple airlines across various European airports simultaneously. “Surprisingly, a company with such a resilient reputation was affected,” he told Sky News.
The scope of disruption varied by location. Brussels Airport reported nine canceled flights, four diversions, and 15 delays exceeding an hour by mid-morning. In Berlin, airport officials severed links to the compromised systems as a precaution. At Heathrow, Europe’s busiest airport, the impact was described as “minimal,” though travelers experienced long wait times and limited staffed counters.
Maria Casey, a traveler flying to Thailand from Heathrow’s Terminal 4, said her airline had to process luggage due to the outage manually. “They had to write our baggage tags by hand,” she said, adding that just two desks were open.
Airport operators stressed that the cyberattack affected third-party systems and not the airports or airlines directly. Nevertheless, the incident underscored wider concerns about digital resilience in air travel.
Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, said attackers are increasingly targeting supply chain vendors. “A single compromised vendor can trigger ripple effects across the continent,” she said.
Experts remain cautious in attributing the attack, but some suggest the motive appeared disruptive rather than financial. “This feels more like vandalism than extortion at this stage,” said James Davenport, professor of information technology at the University of Bath.
Airports advised passengers to monitor flight updates and apologized for delays as operations gradually resumed normal function by Saturday afternoon.
