A significant cyber-attack targeting the check-in and baggage systems of several major European airports, including London Heathrow, Brussels, and Berlin, has caused widespread disruption over the past weekend. The incident, which began on Friday night, impacted the Muse software provided by Collins Aerospace, a subsidiary of RTX, forcing airlines to revert to manual check-in procedures and leading to extensive delays and cancellations.

The disruption was immediately felt across the affected airports. At Heathrow, nearly 47% of departing flights were delayed on Saturday, with 13 cancellations, and over 130 flights delayed by 20 minutes or more by Sunday morning. Passengers faced hours-long queues, with some reporting difficulties, such as Naomi Rowan who was unable to board her dog Dusty without the electronic system, and Monazza Aslam who missed a connecting flight due to extended waits. British Airways, however, managed to operate normally at Terminal 5 by utilizing a back-up system, remaining largely unaffected.

Brussels Airport experienced severe operational difficulties, with images showing a “sea of people.” The airport asked airlines to cancel half their departing flights, and by Sunday, 44 flights had been cancelled, with more anticipated. Eurocontrol, Europe’s combined aviation safety organization, advised airlines to cancel half their schedules to and from Brussels Airport until Monday morning. Despite these measures, long queues and further delays were expected as manual check-in continued.

Berlin Brandenburg Airport also faced challenges, with 12 cancellations on Saturday and over 70 flights delayed by midday Sunday. The airport advised travelers to use online or self-service check-in options to mitigate longer waiting times. Meanwhile, Dublin Airport initially reported technical issues leading to manual check-ins and some disruptions, particularly affecting Aer Lingus. However, it largely expected to operate a full schedule on Sunday, though passengers were still advised to contact their airlines for updates and allow additional time for manual processes. Cork Airport, also owned by Dublin's parent company, reported no significant disruption.

Collins Aerospace acknowledged a “cyber-related disruption” to its Muse software in “select airports” and stated it was actively working to resolve the issue and restore full functionality as quickly as possible. The company has not yet disclosed the exact nature of the attack or how long the outage is expected to last. Manchester Airport confirmed it remained unaffected as it does not rely on the impacted system.

In response to the incident, the National Cyber Security Centre, alongside the Department for Transport and law enforcement, worked with Collins Aerospace and affected UK airports to understand the impact. The European Commission, while closely monitoring the situation, indicated there was no evidence to suggest the attack was “widespread or severe” across Europe’s aviation sector. Transport Secretary Heidi Alexander also confirmed she was monitoring developments.

This incident underscores the aviation industry’s vulnerability to digital system failures, a point highlighted by a global IT crash in July that affected flights across the US due to a faulty software update. While the current cyber-attack has caused considerable inconvenience, aviation safety and air traffic control systems have remained unaffected, with authorities and airlines focusing on restoring normal operations and supporting disrupted passengers.