A cyber attack has caused chaos at airports across Europe – here's everything we know so far

Passengers queuing and waiting for updates at Heathrow Airport after a cyber attack on Collins Aerospace disrupted operations on 20th September 2025.

(Image credit: Getty Images)

published 22 September 2025

A cyber attack that crippled operations at a host of European airports on Friday is continuing to cause disruption, with many flights still delayed or cancelled.

Over the weekend, airlines flying out of London Heathrow, Brussels, and Berlin were forced to check passengers in manually following an attack on Collins Aerospace.

The affected software, ARINC cMUSE, allows airlines to share check-in desks and boarding gate positions rather than using their own dedicated infrastructure.

The UK's National Cyber Security Centre (NCSC) said it is working with the company and affected UK airports, together with the Department for Transport and law enforcement agencies, to fully understand the incident and its effects.

Brussels Airport said that around half of outgoing flights today are likely to be affected.

"The service provider is actively working on the issue and trying to resolve the problem as quickly as possible," it said in a statement. "At the moment it is still unclear when the issue will be resolved."

Meanwhile, Heathrow advised, "Work continues to resolve and recover from the outage of a Collins Aerospace airline system that impacted check-in. We apologize to those who have faced delays, but by working together with airlines, the vast majority of flights have continued to operate."

There is of course a knock-on effect on airports not directly affected, with Dublin Airport noting this morning that “ongoing disruption” is affecting check-in and boarding systems.

"The Dublin Airport team is continuing to support airlines today (Monday) as they manage ongoing disruption from a technical issue that is affecting check-in and boarding systems at several airports in Europe."

Passengers told to keep up to date

Passengers are being advised to check the status of their flights before traveling to affected airports and to make sure they arrive in good time – but not too early.

Collins has so far remained tight-lipped about what happened, though it confirmed to Reuters it had experienced a 'cyber-related disruption'.

The aerospace industry has been suffering a wave of cyber attacks over recent months.

In June, a report from Thales found that there had been a 600% increase in ransomware attacks in the aviation sector over the previous year, with 27 major attacks by 22 ransomware groups between January 2024 and April 2025.

Just over seven-in-ten incidents involved credential theft or unauthorised access to critical systems.

However, there's no indication that this particular incident involves a ransom attack. On Saturday, Liberal Democrat foreign affairs spokesperson Calum Miller suggested that Russia might be involved.

"After the flagrant violation of Estonian airspace, the government needs to urgently establish if Vladimir Putin is now attacking our cyber systems," he said.

"If the Kremlin is behind this attack, causing chaos at our busiest airport, we need to be firm in our response."

Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.

MORE FROM ITPRO

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.