Passengers across Europe are facing significant flight delays as major airports deal with the repercussions of a cyber-attack targeting the software responsible for check-in and boarding processes. The incident, which originated on Friday, has disrupted operations at some of the continent’s busiest hubs, including London Heathrow.
The cyber-attack affected Collins Aerospace, a software provider affiliated with several global airlines and a subsidiary of the U.S. aerospace and defense company RTX. Following the attack, key airports like Brussels, Dublin, and Berlin have reported operational challenges. Many kiosks and bag-drop machines were rendered non-functional, forcing airline staff to resort to manual processing to accommodate travelers.
Brussels Airport reported a significant impact, with 40 of its 277 departing flights and 23 of its 277 arriving services canceled as it waited for Collins Aerospace to confirm the security and restoration status of the system. In contrast, a representative from Heathrow insisted that while “the vast majority of flights are operating as normal,” some passengers could still experience longer check-in and boarding times due to the ongoing issues.
Heathrow Airport has stressed that it does not own or operate the compromised system, complicating its ability to resolve the situation directly. However, additional staff have been deployed in terminals to assist travelers, and passengers have been advised to check their flight status prior to arriving at the airport. They recommend arriving no earlier than three hours before long-haul flights and two hours for short-haul journeys.
Dublin Airport also expressed cautious optimism, stating that it did not anticipate any cancellations on Monday related to the IT disruptions, although it acknowledged the possibility. Aer Lingus reported being “significantly impacted” by the software failure over the weekend.
RTX announced on Saturday that it was actively working to address the issue affecting its Muse software. The incident raises alarms regarding the critical reliance of airports on third-party vendors for essential technologies. The European Commission has stated that it is closely monitoring the situation, noting that preliminary assessments do not suggest that this is a widespread or particularly severe cyber-attack.
As a consequence of the incident, airline stocks have taken a hit in early trading, with British Airways parent company International Airlines Group (IAG) experiencing a decline of 1.2%. EasyJet and Wizz Air also saw drops of 1.4% and 1.1%, respectively. This cyber-attack comes on the heels of other significant breaches, including a recent incident involving British carmaker Jaguar Land Rover, which necessitated a production freeze, and an earlier cyber-attack on retailer Marks & Spencer, which resulted in millions of pounds in losses.
