A cyberattack targeting a key airport software system has caused widespread disruption across Europe, forcing delays, cancellations and manual check-in procedures at some of the continent’s busiest airports.
The attack struck late Friday, disabling parts of Collins Aerospace’s MUSE software, which manages electronic check-in, baggage tags and boarding documents. The system, used in airports worldwide, was forced offline at London Heathrow, Berlin Brandenburg and Brussels, triggering long queues and flight disruptions.
Brussels Airport has been the worst affected, cancelling about 50 departures on Sunday and warning that half of Monday’s flights would not operate until a secure software update is delivered. Heathrow and Berlin reported delays but fewer cancellations, with staff reverting to manual check-in and paper baggage tags. Online check-in and self-service kiosks continued to function in most locations, softening the impact.
Collins Aerospace, a subsidiary of RTX, is working with airlines and airport operators to restore services. Regulators and cybersecurity officials are monitoring the incident but have not confirmed who is responsible. No ransom or demands have been reported, leading experts to describe the attack as potential sabotage rather than a typical ransomware strike.
Authorities have urged passengers to check flight status before leaving home, allow standard arrival times—three hours for long-haul, two for short-haul—and expect longer waits at baggage drop.
The disruption highlights vulnerabilities in Europe’s aviation sector, which relies heavily on shared third-party systems. A single compromise in software infrastructure, experts warn, can ripple across borders and cripple passenger flows. Brussels, still struggling to recover, said it would not return to normal operations until Collins provides a fully secured version of its software.
With no group claiming responsibility, investigators are weighing possibilities from cybercriminal networks to state-backed actors. The attack has renewed calls for stronger oversight of digital supply chains in critical infrastructure, as airports and airlines grapple with the risks of modern, highly interconnected systems.
