Today turned into a nightmare for thousands of travelers across Europe as a cyberattack knocked out electronic check-in systems at three major airports.
Heathrow, Brussels Airport, and Berlin-Brandenburg Airport were all forced to switch to manual check-ins after hackers targeted their shared technology provider.
The culprit behind the chaos was Collins Aerospace, an Iowa-based company that runs passenger processing systems for airlines across the globe.
Their MUSE software handles operations for around 300 airlines at 100 airports worldwide, making it a prime target with massive potential for disruption.
RTX, Collins Aerospace’s parent company, confirmed the attack was “cyber-related” but tried to downplay the impact. They insisted that airports could work around the problem by reverting to old-school manual check-ins and baggage handling.
What they didn’t mention was how much slower and more chaotic that would make everything. The reality on the ground told a different story.
At Heathrow’s Terminal 3, airport staff grabbed megaphones to manage crowds of frustrated passengers waiting for delayed flights. Some travelers were still trying to check in for flights that were supposed to take off within minutes.
Brussels Airport warned that the disruption would “heavily impact the flight schedule,” while Berlin-Brandenburg admitted to longer waiting times across the board.
By midday, the damage was very apparent. FlightAware reported 136 flight delays and 5 cancellations at Heathrow alone. Brussels saw 97 delays and 3 cancellations, while Berlin-Brandenburg had 59 delays and 2 cancellations.
Brussels Airport said 10 flights had been scrapped entirely, with remaining departures averaging an hour behind schedule.
The attack struck Friday evening, giving airports little time to prepare workarounds for Saturday’s busy travel schedule. Brussels Airport was particularly frank about the situation, calling it a cyberattack on an external provider rather than using euphemisms like “technical difficulties.”
Not everyone was equally affected, though. Delta Air Lines said it expected minimal disruption thanks to backup systems it had implemented.
EasyJet claimed normal operations and no expected impact for the rest of the day. Meanwhile, Frankfurt Airport, Germany’s largest hub, escaped the chaos entirely because it doesn’t rely on Collins Aerospace’s systems.
The incident shows just how vulnerable modern air travel has become to cyberattacks. When a single software provider gets compromised, it can cascade across multiple countries and affect hundreds of thousands of passengers.
Collins Aerospace’s MUSE system is so widely used that the attackers managed to disrupt three major European capitals simultaneously.
