Major European airports are now facing a fourth consecutive day of severe disruptions following a sophisticated cyberattack on a crucial third-party system responsible for check-in and boarding procedures.
The European Union Agency for Cybersecurity confirmed on Monday that a ransomware attack was the cause of the ongoing issues. Laura Heuvinck, a spokesperson for the agency, stated that further details regarding the incident, including the perpetrators, were still under investigation.
Brussels Airport appears to be the most severely impacted hub. Despite efforts, only a majority of flights were expected to operate on Monday. The airport reported 40 cancellations out of 277 scheduled departing flights, along with 23 canceled arrivals. The spokeswoman, Ihsane Chioua Lekhli, noted that the check-in process continued to experience significant problems, with no clear timeline for returning to normal operations.
Beyond Brussels, at least three other prominent airports – Berlin-Brandenburg, Dublin, and London’s Heathrow – also reported significant hindrances to their check-in and boarding systems due to the cyberattack, which Berlin’s airport confirmed began on Friday evening.
In Dublin, airlines have resorted to manual workarounds, according to spokesman Graeme McQueen, which could result in longer-than-usual wait times for bag drops. However, Dublin Airport confirmed that no flights were canceled or delayed on Monday directly because of the ransomware incident.
The affected airports, including Brussels, have attributed the widespread disruptions to a cyberattack targeting Collins Aerospace, an American company based in Iowa that supplies check-in and boarding systems to numerous aviation hubs.
RTX, Collins Aerospace’s parent company, did not immediately respond to inquiries on Sunday. However, in a Saturday statement, RTX acknowledged that the attack had impacted its systems at several airports and assured that efforts were underway to restore “full functionality” as quickly as possible. The company also confirmed that manual check-ins were a viable workaround.
Brussels Airport specifically described its weekend operations as “heavily disrupted,” necessitating a full reliance on manual processes for passenger check-ins and boarding.
The full extent of Monday’s disruptions across all affected airports was not immediately clear. London’s Heathrow, a major international gateway, issued an email statement confirming that while “the vast majority of flights at Heathrow are operating as normal,” passengers should still anticipate “slightly longer than usual” times for check-in and boarding on some flights.
RTX further clarified in its Saturday statement that the incident specifically impacted its MUSE software, a widely used passenger-processing system that supports approximately 300 airlines across 100 airports globally. “The impact is limited to electronic customer check-in and baggage drop,” the company stated.
This latest incident adds to a growing list of cyberattacks targeting critical infrastructure and major institutions. Last December, Japan Airlines experienced delays on both domestic and international flights due to a cyberattack. Similarly, Columbia University reported a sophisticated “hacktivist” cyberattack in June that led to a campus-wide computer system shutdown and the theft of student data, reportedly for political motives.