A major cyberattack has disrupted flight operations across several European airports, including London Heathrow, Brussels, Berlin, and Dublin. The incident, which began on Saturday, September 20, 2025, targeted Collins Aerospace’s MUSE check-in and boarding system, a critical software used by multiple airlines. The attack forced airports to switch to manual check-in procedures, causing widespread delays, cancellations, and passenger frustration. With thousands of travelers stranded, the incident has raised serious concerns about cybersecurity vulnerabilities in global aviation infrastructure.
Scope of the Disruption
- London Heathrow: Over 600 flights were disrupted on Saturday alone, with more than 130 flights delayed by over 20 minutes and 13 flights canceled. Queues stretched across terminals as staff were forced to process passengers manually.
- Brussels Airport: Around 25 departures were canceled on Saturday and 50 more on Sunday, while nearly 140 flights scheduled for Monday were proactively canceled to avoid further chaos.
- Berlin and Dublin: Both airports reported significant delays, though the impact was less severe compared to Heathrow and Brussels.
- Overall: Thousands of passengers across Europe faced missed connections, rebookings, and travel chaos as airlines scrambled to restore normal operations.
Cause of the Cyberattack
The disruption has been traced to a cyberattack on Collins Aerospace, a Raytheon Technologies subsidiary that provides the MUSE (Multi-User System Environment) check-in platform. The attack compromised critical check-in, baggage handling, and boarding systems, making them inoperable.
While no group has officially claimed responsibility yet, early cybersecurity reports suggest the attack may have been ransomware-related or state-sponsored. Authorities in the UK, Belgium, and Germany are currently investigating the breach.
Passenger Impact
- Long queues at check-in and baggage counters.
- Missed connecting flights due to cascading delays.
- Increased costs for airlines, which must rebook and compensate passengers.
- Frustration among travelers as manual check-in stretched waiting times to several hours.
Many passengers took to social media to document the chaos, with images of crowded terminals at Heathrow and Brussels going viral.
Why This Matters for Global Aviation
This incident highlights the vulnerability of aviation infrastructure to cyber threats. With multiple airlines and airports relying on the same third-party software, a single cyberattack can paralyze operations across continents.
Cybersecurity experts warn that such attacks could become more frequent and sophisticated, especially with the rise of AI-driven hacking tools and state-backed cyber warfare campaigns. The attack also raises questions about supply chain security, as one compromised vendor can create a domino effect on global travel.
What Happens Next
- Restoration Efforts: Collins Aerospace teams are working around the clock to restore MUSE systems with patched updates.
- Government Response: Authorities in the UK and EU have launched joint investigations into the incident.
- Passenger Compensation: Under EU law, travelers whose flights were canceled or delayed may be eligible for compensation, depending on the circumstances.
- Future Prevention: Calls are growing for airports and airlines to invest more in cyber resilience, redundancy planning, and manual backup systems.
The Heathrow and European airport cyberattack is one of the most disruptive incidents in recent aviation history. With thousands of flights affected and passenger confidence shaken, the event serves as a stark reminder of how critical cybersecurity has become in the modern aviation ecosystem. Going forward, both airlines and governments must prioritize stronger digital defenses to ensure that passengers are not left stranded by the next wave of cyber threats.
