Travelers across Europe faced an unexpected ordeal on Saturday, September 20, 2025, as a cyberattack targeting airport check-in and boarding systems threw several major travel hubs into disarray. The incident, which began on the night of Friday, September 19, disrupted air traffic at some of the continent’s busiest airports, including Brussels Airport, Berlin Brandenburg, and London’s Heathrow. While the initial chaos was palpable, airports and service providers scrambled to contain the fallout and keep passengers moving — albeit at a much slower pace than usual.
According to statements from affected airports and coverage by AP, BBC, and Reuters, the attack zeroed in on the software of a key service provider: Collins Aerospace. This U.S.-based company, a subsidiary of RTX Corp. (formerly Raytheon Technologies), supplies the MUSE (Multi-User System Environment) platform, which powers electronic check-in, boarding pass printing, and baggage handling for hundreds of airlines at airports around the globe. When this system went down, it left airport staff relying on manual check-in procedures — a throwback to an earlier era of air travel, and one that simply couldn’t keep up with the volume of modern passenger flows.
Brussels Airport, one of the hardest hit, was quick to confirm the cause. “There was a cyberattack on Friday night 19 September against the service provider for the check-in and boarding systems affecting several European airports including Brussels Airport,” the airport said in a statement, as reported by DW and NPR. The impact was immediate and significant: by mid-morning on Saturday, Brussels Airport had canceled nine flights, redirected four to other airports, and recorded at least 15 delays of an hour or more. The airport advised travelers to double-check their flight status before heading to the terminal, acknowledging that only manual check-in and boarding were possible.
Berlin’s Brandenburg Airport, Germany’s third largest, also found itself at the epicenter of the disruption. As reported by The New York Times, airport operators cut off connections to the affected systems and posted a banner on their website warning of longer waiting times at check-in. “Due to a technical issue at a system provider operating across Europe, there are longer waiting times at check-in. We are working on a quick solution,” the message read. By late morning, no flights had been canceled at Brandenburg due to the cyberattack, but the situation was described as fluid and subject to change.
London’s Heathrow, Europe’s busiest airport and a major global hub, reported what it called “minimal” disruption in terms of flight cancellations, but delays for departing passengers were widespread. According to Al Jazeera and AP, staff in Terminal 3 resorted to using megaphones to direct crowds of frustrated travelers, some of whom were still waiting to check in for flights scheduled to depart within minutes. Heathrow’s official statement was measured: “Collins Aerospace, which provides check-in and boarding systems for several airlines across multiple airports globally, is experiencing a technical issue that may cause delays for departing passengers.” The airport encouraged passengers to check their flight status before traveling.
Other major airports in Europe, including Frankfurt, Paris Charles de Gaulle, Orly, Le Bourget, and Zurich, reported no disruptions. Spokespeople for these airports confirmed that their operations were unaffected by the cyberattack, offering a small measure of relief for travelers passing through these hubs.
Collins Aerospace, for its part, was quick to acknowledge the issue. In a statement, the company said, “We have become aware of a cyber-related disruption to our MUSE software in select airports.” The company emphasized that the impact was “limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations.” Collins added, “We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible.” RTX Corp., the parent company, echoed this message, stressing that its teams were working around the clock to fix the problem.
Despite the widespread disruption, there were no confirmed reports of data theft or breaches of passenger information. As of Saturday afternoon, no group or individual had claimed responsibility for the cyberattack, and officials had not identified a motive. The timing of the incident — just one day after a hacking attempt on the website of St. Petersburg airport in Russia — raised eyebrows, but authorities have not drawn any direct connection between the two events.
Flight tracking data from FlightAware painted a vivid picture of the chaos unfolding across affected airports. As of midday on Saturday, the site reported 59 delays and two cancellations at Berlin Brandenburg, 97 delays and three cancellations at Brussels, and 136 delays and five cancellations at Heathrow. While it was unclear if every single delay was directly attributable to the cyberattack, the numbers underscored the scale of the disruption.
Passengers caught up in the turmoil described scenes of confusion and mounting frustration. At Brussels and Berlin, snaking lines formed at the check-in counters, with staff working overtime to process travelers by hand. At Heathrow, the use of megaphones to manage crowds was a rare — and jarring — sight in an age of digital efficiency. The airports did their best to keep spirits up, issuing apologies and urging patience, but for many, the experience was a stark reminder of how dependent modern travel has become on digital infrastructure.
Collins Aerospace’s MUSE system, which supports around 300 airlines at 100 airports, is a critical piece of the global aviation puzzle. Its sudden outage rippled far beyond the affected airports, as airlines scrambled to rebook passengers, reroute flights, and coordinate with ground staff. The incident also reignited concerns about the vulnerability of aviation technology to cyber threats — a topic that has been simmering in industry circles for years.
Brussels Airport, in its statement, summed up the challenge: “This has a large impact on the flight schedule and will unfortunately cause delays and cancellations of flights.” The airport and others pledged to keep passengers informed and to restore normal operations as quickly as possible.
While the immediate crisis appeared to be contained by Saturday afternoon, with manual procedures keeping a skeleton operation running, questions lingered about how — and when — full electronic service would be restored. The episode served as a wake-up call for airports, airlines, and technology providers alike, highlighting the need for robust contingency plans and resilient systems in an age where cyberattacks are no longer a distant threat, but a present-day reality.
For travelers, the day was a test of patience and flexibility. For the aviation industry, it was a sobering reminder that even the most advanced systems can be brought to a standstill by a well-timed cyberattack. As Collins Aerospace, RTX Corp., and airport authorities continue their efforts to restore normalcy, the incident will almost certainly spark new conversations about cybersecurity — and what it takes to keep the world’s airports flying safely and smoothly.
