A sweeping cyberattack on a key aviation‐service provider has thrown operations into disarray at several major European airports, forcing airlines to revert to manual processing and leaving travellers facing long delays, cancellations, and confusion. The outage, which began late Friday night, primarily impacted electronic check‑in, boarding, and baggage systems provided by Collins Aerospace, sparking widespread criticism of the aviation industry’s vulnerability to third‑party IT disruptions.
The Incident Unfolds
On the evening of September 19, 2025, multiple major airports across Europe — notably London Heathrow, Brussels, and Berlin Brandenburg — reported that automated passenger‑handling systems went offline. According to statements from the airport authorities and the affected provider, Collins Aerospace, the software module known as MUSE (Multi‑User System Environment) was at the heart of the disruption.
The problem manifested first in electronic check‑in kiosks and baggage‑drop machines, followed by boarding pass printing and other related automated services. Airlines, airports, and passengers were forced to switch to manual processing to manage check‑ins, boarding, and baggage.
Immediate Impacts on Airports & Travellers
- Flight delays and cancellations: Brussels Airport alone reported at least 10 cancelled flights by mid‑morning, and another 15‑17 flights delayed by one hour or more. Berlin and Heathrow also saw delays, though cancellations there appear to have been fewer.
- Long queues, confusion: At Heathrow and Berlin, passengers described long lines at check‑in, with some counters overwhelmed as staff attempted to manage tasks manually.
- Airport advisories: All affected airports urged travellers to check flight status beforehand and arrive early if possible. Brussels explicitly said that only manual check‑in and boarding would be functioning.
- Scope and uneven impact: Not all airports were affected. Frankfurt, Zurich, and several in the Paris region (Roissy‑Charles de Gaulle, Orly, Le Bourget) reported that they were operating normally.
Response from Collins Aerospace and Others
Collins Aerospace, a U.S.‑based provider of check‑in, boarding, and baggage systems for airlines and airports globally, confirmed the disruption was a “cyber‑related disruption” affecting its MUSE software at “select airports.”
The company emphasised that while electronic check‑in and baggage drop systems were down, manual operations remain viable and are being used to mitigate the impact. It also said efforts are underway to restore full functionality as quickly as possible.
Airport authorities have also mobilised extra staff and instituted fallback procedures. Frankfurt and Zurich, though unaffected, are among those continuing to monitor the situation closely.
Underlying Issues & Risk Factors
The episode lays bare several structural and systemic vulnerabilities in modern air travel:
- Dependence on third‑party providers: Heathrow, Brussels, Berlin and others all rely on shared systems from external vendors. When one vendor’s system fails (or is compromised), the consequences ripple across multiple airports and airlines.
- Limited redundancy: While there were backups or manual fallback options, these are less efficient and more resource‑intensive. Many airports appeared unprepared for prolonged system outages.
- Potential for escalation: Cyber threats in the aviation sector are not new, but as systems become more integrated and data flow more interconnected, the stakes increase — for safety, for finances, and for reputation. Experts say this could be exploited by sophisticated cybercriminals or state actors. So far, no attribution has been confirmed.
What This Means for Travellers
If you’re flying from or through Europe, the following are key takeaways:
- Confirm your flight status directly with your airline in the hours before you travel. Automated systems like airline apps or websites may still reflect delays or cancellations.
- Allow extra time at the airport—check‑in, baggage, boarding will take longer under manual operations.
- Have patience: With manual printing of boarding passes, bag tags, longer verification procedures, the process will be slower.
- Be prepared for changes: Some flights may be cancelled, re‑routed, or delayed. Plan accordingly, especially for connecting flights.
Broader Implications & What’s Next
This event is likely to trigger several responses and policy shifts in the near term:
- Regulatory scrutiny: Authorities may investigate how aviation infrastructure providers are audited, especially around cybersecurity. The risk posed by third‑party dependencies may lead to stricter requirements for resilience and backup systems.
- Investment in redundancy and fallback systems: Airports and airlines may accelerate efforts to ensure that there are reliable manual or isolated backup systems that can function in case of digital outages.
- Cybersecurity posture review: For Collins Aerospace and similar vendors, this incident is a reputational challenge. They’ll be under pressure to provide more transparency about how their systems are secured, how breaches are detected, and how quickly disruptions can be mitigated.
- Public expectations: Passengers will likely expect better contingency measures — better communication, streamlined manual procedures, perhaps compensation when extensive delays or cancellations occur due to such tech failures.
This cyberattack underscores how fragile modern air travel’s dependences are: one provider going down can cascade into airports across multiple countries. Whether this serves as a wake‑up call for governments, regulators, and companies remains to be seen — but the pressure is on to shore up defences, improve preparedness, and build in resilience before the next incident.