Cyberattack hits Collins Aerospace check-in system, crippling Heathrow, Brussels, Berlin. Thousands face delays, manual ops activated.

Continue reading
Europe’s busiest airports descended into disarray this weekend after a cyberattack on Collins Aerospace’s Muse system, a shared airline check-in and baggage platform, disrupted operations across multiple hubs. Heathrow in London, Brussels Airport, and Berlin’s Brandenburg Airport were hardest hit, forcing thousands of passengers into long queues and prompting airlines to revert to manual systems.
The incident began late Friday night and cascaded into Saturday, causing hundreds of flight delays and cancellations. While authorities stressed that aviation safety was not compromised, the attack exposed how heavily airports rely on third-party digital infrastructure.
At the center of the disruption is Collins Aerospace’s Multi-User System Environment (Muse), software that allows different airlines to share check-in desks and boarding gates. Its outage disabled electronic check-in, boarding pass scanning, and baggage drop services.
RTX, Collins Aerospace’s parent company, confirmed a “cyber-related disruption” and said teams were working to restore normal operations. “The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” the company said in a statement.
British Airways was largely unaffected thanks to a back-up system, but most other carriers using Heathrow were caught in the digital bottleneck. EasyJet and Ryanair, which do not operate from Heathrow, confirmed they were unaffected.
For travelers, the disruption was deeply personal.
While some passengers praised airlines for moving queues efficiently and prioritizing urgent flights, overall sentiment was of exhaustion and confusion.
The UK’s National Cyber Security Centre (NCSC) is leading investigations alongside the Department for Transport and law enforcement. A spokesperson confirmed: “We are working with Collins Aerospace and affected airports to fully understand the impact.”
At the European level, the European Commission said it was “closely monitoring” the cyberattack but noted there was no evidence it was “widespread or severe.”
Transport Secretary Heidi Alexander confirmed she was receiving “regular updates” and urged passengers to follow airline advice.
No group has claimed responsibility, and experts caution against premature conclusions.
While some politicians speculated about Kremlin-backed hackers — noting recent Russian incursions into Estonian airspace — security analysts point to the more likely culprits: criminal ransomware gangs. These groups, many based in Russia or Eastern Europe, have earned billions through extortion, often disrupting critical services to demand payment in cryptocurrency.
Cybersecurity researchers noted similarities to ransomware attacks that hit Las Vegas casinos and major UK retailers last year. However, until Collins Aerospace discloses more technical details, theories remain speculative.
Travel journalist Simon Calder summarized the stakes: “At Heathrow, any disruption is serious. Departure control is complex, and if one node fails — in Brussels, in Berlin — pilots, planes, and passengers are all out of place. Things can get a lot worse before they get better.”
Until answers emerge, airlines and passengers alike are bracing for turbulence on the ground — long before take-off.

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.