Travel chaos struck several major European airports, including London’s incredibly busy Heathrow, on Saturday. The culprit? Technical glitches with check-in systems, which two airports quickly linked to a cyberattack that had occurred the previous evening.
These disruptions, which started on Friday, had cascaded throughout the day, affecting departures far and wide. At least five airports—Berlin Brandenburg, Brussels, Dublin, Cork in Ireland, and Heathrow—reported that the technical issue was impacting passengers preparing to fly.
Heathrow and Berlin Brandenburg, Germany’s third-largest airport, identified the problem as originating with Collins Aerospace. This American company supplies check-in and boarding systems to numerous airports, and the system malfunction led to significantly longer waiting times for travelers.
RTX, the corporate parent of Collins Aerospace, confirmed in a Saturday statement that a “cyber-related disruption” had affected its systems at several airports. The company assured the public it was working diligently to restore “full functionality to our customers as quickly as possible,” noting that airport staff could bypass the electronic issues by processing check-ins manually.
At Heathrow’s Terminal 3, staff members resorted to using megaphones to direct large crowds of passengers waiting for their delayed flights. By Saturday morning, some passengers were still waiting to check in for flights that were moments away from their scheduled departure. FlightAware, a flight-tracking website, reported an average 34-minute delay for departures from Heathrow as of early Saturday evening in London.
Heathrow advised passengers to arrive no more than three hours before a long-haul flight and two hours before a domestic flight.
Berlin Brandenburg’s statement clarified that the cyberattack on Friday evening had not directly targeted the airport itself. Eurocontrol, the primary air-traffic-control manager for Europe, based in Brussels, confirmed that the software issue had not affected wider air traffic control across the European network by Saturday evening.
Collins Aerospace, an aviation and defense technology company headquartered in Iowa, stated that the affected system was its MUSE software. This passenger-processing system is crucial for approximately 300 airlines operating at 100 airports globally.
RTX, Collins’ parent company, emphasized that “The impact is limited to electronic customer check-in and baggage drop.”
According to FlightAware, by early evening in Europe, Heathrow had experienced 445 delays and 18 cancellations, Brussels saw 254 delays and 21 cancellations, and Berlin Brandenburg recorded 202 delays and two cancellations.
These numbers encompassed both departing and arriving flights. Notably, incoming flights accounted for roughly 40 percent of delays at Heathrow, 44 percent at Brussels, and 35 percent at Berlin Brandenburg.
Brussels Airport described the cyberattack as having “heavily disrupted” its check-in operations, forcing a switch to manual processes for check-in and boarding, which inevitably led to delays and cancellations. Eurocontrol reported that Brussels Airport had requested airlines to cancel half of all departing flights until Monday at 4 a.m., local time, to mitigate the ongoing disruption.
Eurocontrol confirmed on Saturday evening that it “continues to actively monitor developments and is coordinating with all operational partners for any necessary actions to manage the situation.”
Dublin Airport reported “minor impacts,” as did Cork Airport, Ireland’s second-largest. Dublin was experiencing an average departure delay of one hour and seven minutes, with 272 delays by early evening. It remains unclear if these delays were solely due to the software issue or also connected to a 90-minute security evacuation of Terminal 2.
Britain’s National Cyber Security Center released a statement on Saturday, indicating it was collaborating with Collins Aerospace and the Department for Transport to fully grasp the implications of the cyber incident. Heidi Alexander, the U.K. transport secretary, publicly acknowledged on social media that she was “aware of an incident affecting airline check-in and boarding” and was actively monitoring the situation.
This disruption marks the latest in a series of cyberattacks targeting critical infrastructure and institutions. Last December, a cyberattack on Japan Airlines resulted in delays for both domestic and international flights. In June, Columbia University reported a sophisticated cyberattack by a “hacktivist” that shut down its computer systems and stole student data, seemingly to advance a political agenda.
Across the United States, cities have also become targets, with St. Paul, Minnesota, being affected in July. Minnesota Governor Tim Walz even activated the state National Guard to assist with the city’s response efforts.
Nazaneen Ghaffar, Lynsey Chutel and Rylee Kirk contributed reporting.