Cyberattack Causes Major Disruptions at European Airports
Brussels, Sunday, 21 September 2025.
On September 20, 2025, a cyberattack hit major European airports, including Heathrow and Brussels, disrupting check-in and baggage systems and causing significant delays and cancellations.
Extent of the Cyberattack
The cyberattack on September 20, 2025, affected key European airports, including Heathrow, Brussels, and Berlin, causing extensive disruptions to electronic check-in and baggage handling systems. The attacks were traced back to a vulnerability in the MUSE software, developed by Collins Aerospace, which is used by multiple airlines across these airports [1][2].
Immediate Impact
The incident led to the cancellation of 29 flights and caused significant delays across the affected airports. At Brussels Airport alone, 10 flights were canceled, and the average delay for departing flights was reported to be over an hour [1][4]. Manual check-in procedures were adopted as a temporary solution to manage the situation [1].
Response and Mitigation Efforts
In response to the attack, airports advised passengers to confirm their travel plans with airlines before arriving at the airport. Heathrow Airport reported minimal disruption, though passengers experienced long wait times [2][3]. The National Cyber Security Centre, along with Collins Aerospace and other stakeholders, is actively investigating the incident to determine its origins and prevent future occurrences [2][5].
Implications for the European Aviation Sector
This incident underscores the vulnerabilities within the aviation sector’s digital infrastructure. According to cybersecurity experts, the attack highlights the industry’s increasing attractiveness to cybercriminals due to its reliance on interconnected digital systems [3][5]. A recent report by Thales indicated a 600% increase in cyberattacks within the aviation sector from 2024 to 2025, emphasizing the need for robust cybersecurity measures [4].