Flights have been delayed and cancelled at three major European airports, including London Heathrow, after a cyber-attack hit the software used for airline check-in and boarding.
Airports in Brussels and Berlin have also reported disruption following the incident affecting Collins Aerospace, a company providing services to multiple airlines worldwide. The attack has prompted concerns over the resilience of systems underpinning critical infrastructure, with cybersecurity experts warning that the disruption could potentially spread to other airports.
Transport Secretary Heidi Alexander said she was being kept informed of developments. “I’m aware of an incident affecting airline check-in and boarding, impacting flights at Heathrow and other European airports,” she said. “I’m getting regular updates and monitoring the situation. If you’re flying at Heathrow today, check with your airline before travelling.”
The cyber-attack targeted Collins Aerospace’s Muse software. Collins, a subsidiary of RTX, also advises other firms on cybersecurity and provides services supporting military operations.
Heathrow Airport urged passengers to confirm their flight status before travelling and advised against arriving more than three hours before a long-haul flight or two hours before a domestic departure.
Brussels Airport said the attack occurred on Friday night, forcing check-in and boarding to be handled manually. “This has a large impact on the flight schedule and will unfortunately cause delays and cancellations of flights,” a spokesperson said. Passengers were advised to travel to the airport only if their flight was confirmed.
Berlin Airport reported “longer waiting times at check-in” due to a technical issue at a Europe-wide system provider and said it was working on a quick resolution.
In a statement, Collins Aerospace confirmed: “We have become aware of a cyber-related disruption to our Muse software in select airports. We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible. The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations.”
Professor Alan Woodward, a cybersecurity specialist at the University of Surrey, said the incident raised questions about the apparent reliance on Collins to resolve the problem. He suggested the system was likely centralised, meaning that if Collins had to shut it down to address the issue, the disruption could be extensive. He also questioned why only three airports had been affected if the system was used more widely, suggesting attackers may have targeted specific locations.
Among those caught up in the disruption was Maria Casey, from Aldershot, Hampshire, who was travelling to Thailand via Abu Dhabi. Her Etihad flight, scheduled for 9.30am, was delayed, and she queued for three hours while baggage check-in was carried out manually. “Only two desks were staffed which is why we were cheesed off,” she said. “Didn’t know then it was a cyber-attack until four hours later.”
