‍LONDON — A major cyberattack has targeted the check-in and boarding systems at several large European airports, resulting in significant travel disruptions, including the cancellation and delay of flights at affected hubs. 

The incident began on the evening of September 19 and primarily affected systems provided by Collins Aerospace, a major third-party aviation IT services provider supporting multiple airlines and airports.

Impacted Airports and Operations

• Brussels Airport: Reports show at least 9-10 flight cancellations and 15-17 delays exceeding an hour by Saturday morning at BRU. Check-in desks reverted to manual processes, including hand-writing baggage tags, causing long queues and further delays.
• London Heathrow: Widespread delays were reported across departing flights at LHR, with over 100 flights departing late by early Saturday, and extensive manual check-in operations were implemented to replace automated systems. However, Heathrow reported the disruption as "minimal" in terms of cancellations later in the morning.
• Berlin Brandenburg: BER experienced longer wait times and manual check-in, with at least 15 flights affected; no large-scale cancellations occurred, but extensive delays were reported.
• Frankfurt: FRA was not affected by the incident and maintained regular operations.

Scope, Response

The issue was traced back to a cyberattack on Collins Aerospace's passenger processing software, affecting the check-in, boarding, and baggage drop at multiple airports simultaneously. Manual workarounds allowed partial continuation of operations, but capacity was reduced and crowding occurred.

Eurocontrol advised airlines to reduce flights to/from Brussels by 50% between the early hours of Saturday and early Sunday to manage the airport’s limited operational capability.

There has been no public attribution of the attack to a specific threat actor yet. Official statements indicate that Collins Aerospace and other airport IT teams are actively working to restore systems and contain the issue.

Passenger Advisory

Passengers scheduled to fly today were strongly advised by all affected airports to confirm their flight status with their airline before arriving at the airport and to allow extra time for all procedures.

Some flights have been redirected to nearby airports when feasible, and rebooking processes are underway where necessary.

Industry Implication

Experts note that this event highlights the vulnerability of modern, interconnected aviation infrastructure to cyber threats, as increased digitalization now creates significant systemic risks.

No precise estimate was given for full resolution, but teams are working “as quickly as possible” to restore normal operations.