Travelers across several major European hubs, most notably London’s bustling Heathrow Airport, experienced significant delays on Saturday. These disruptions stemmed from technical issues with crucial check-in systems, which two airports confirmed were the result of a cyberattack that hit on Friday evening.
The ripple effect of the attack spread rapidly, causing widespread chaos. By Saturday, at least five key airports – Berlin Brandenburg, Brussels, Dublin, Cork (Ireland), and Heathrow – publicly acknowledged that the technical malfunction was severely impacting outbound flights.
Investigations revealed that the core of the problem lay with Collins Aerospace, an American firm responsible for providing check-in and boarding systems to numerous airports, including Heathrow and Germany’s third-largest, Berlin Brandenburg. This critical system failure led to prolonged queues and frustration for passengers.
RTX, the parent company of Collins Aerospace, issued a statement on Saturday, confirming a “cyber-related disruption” affecting their airport systems. They assured the public that teams were working diligently to restore full service and noted that airport personnel were able to mitigate some delays by reverting to manual check-in procedures.
At Heathrow’s Terminal 3, overwhelmed staff resorted to megaphones to guide masses of passengers through the departure area, many of whom were still waiting to check in for flights due to depart imminently. By early evening in London, flight-tracking website FlightAware reported an average 34-minute departure delay at the airport, underscoring the ongoing operational difficulties.
Amid the confusion, Heathrow advised passengers to adjust their arrival times, recommending no earlier than three hours for long-haul flights and two hours for domestic journeys.
While Berlin Brandenburg confirmed the cyberattack occurred Friday evening, they clarified that the airport itself was not directly targeted. Eurocontrol, Europe’s main air-traffic-control body headquartered in Brussels, confirmed that the software glitch had not impacted broader air traffic control across the continent by Saturday evening.
Collins Aerospace, an Iowa-based aviation and defense technology company, confirmed the issue was with their MUSE software – a critical passenger-processing system utilized by approximately 300 airlines across 100 airports worldwide. This highlights the extensive reach of the disruption.
RTX specified that the cyber incident’s effects were confined to electronic check-in and baggage drop services, not broader operational safety.
By early evening across Europe, FlightAware data revealed a grim picture: Heathrow recorded 445 delays and 18 cancellations, Brussels saw 254 delays and 21 cancellations, while Berlin Brandenburg experienced 202 delays and two cancellations.
These significant figures encompass both departing and arriving flights, with incoming flights accounting for roughly 40% of Heathrow’s delays, 44% at Brussels, and 35% at Berlin Brandenburg.
Brussels Airport, hit particularly hard, described its check-in operations as “heavily disrupted,” necessitating a switch to manual processes and leading to numerous delays and cancellations. In response, Eurocontrol reported that Brussels Airport requested airlines to cancel half of all outbound flights until Monday 4 a.m. local time, underscoring the severity of the situation.
Eurocontrol assured the public on Saturday evening that it is closely monitoring developments and actively coordinating with all its operational partners to manage the ongoing challenges effectively.
Ireland’s Dublin Airport, along with Cork Airport, reported “minor impacts.” However, FlightAware indicated Dublin experienced an average departure delay of one hour and seven minutes, with 272 delays by early evening. It remains unclear whether these delays were solely due to the software issue or exacerbated by a separate 90-minute security evacuation of Terminal 2.
In Britain, the National Cyber Security Center confirmed it is collaborating with Collins Aerospace and the Department for Transport to assess the full impact of the cyber incident. Transport Secretary Heidi Alexander also acknowledged the “incident affecting airline check-in and boarding” via social media, stating her team was closely monitoring the evolving situation.
This incident marks another entry in a growing list of cyberattacks targeting critical infrastructure and prominent institutions. Notably, a cyberattack on Japan Airlines last December caused significant domestic and international flight delays. Similarly, in June, Columbia University’s systems were crippled by a sophisticated “hacktivist” attack, which led to a widespread shutdown of computer services and the theft of student data, reportedly to advance a political agenda.
The United States has also seen its share of such attacks, with St. Paul, Minnesota, experiencing one in July. Following that incident, Governor Tim Walz took the extraordinary step of activating the state National Guard to assist with the city’s recovery efforts.