A cyberattack has caused confusion, disrupting operations at a service provider for check-in and boarding systems. The confusion caused travellers in several European airports, including London’s Heathrow, the continent’s busiest, to be met with flight delays and cancellations.
Collins Aerospace is an American aviation and defense technology company that provides check-in and boarding systems for several airlines across multiple airports globally. According to several reports, the attack also affected Heathrow Airport, Brussels Airport, and Berlin Airport.
Cyberattack causes flight cancellation
According to Brussels Airport, the cyberattack incident started on Friday night. The attack stopped all automatic systems from working, allowing only manual check-in and boarding procedures. The airport also mentioned that 10 flights had been canceled so far, with an average delay of one hour for all departing flights.
It added, “This has a large impact on the flight schedule and will unfortunately cause delays and cancellations of flights…The service provider is actively working on the issue and trying to resolve the problem as quickly as possible.” In addition, Berlin Airport said in a banner on its website, “Due to a technical issue at a system provider operating across Europe, there are longer waiting times at check-in. We are working on a quick solution.”
On the other hand, a spokesperson at Frankfurt Airport, Germany’s largest, said it was not affected. An official from the operations control center at Zurich Airport also said it had not been impacted. Delta Air Lines also said it expected minimal impact on flights departing from the three affected airports, adding that it had implemented a workaround to minimise disruption.
Collins Aerospace’s parent RTX said it had become aware of a “cyber-related disruption” to its software in select airports. “The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” RTX said. Meanwhile, passengers on a flight scheduled for Saturday were advised by the affected airports to confirm their travel with airlines before heading to the airport.
So far, the events of 2025 have proved one thing beyond doubt: aviation is firmly in the crosshairs of cyber adversaries. In late June 2025, Qantas Airways detected unauthorized activity on a third-party platform used by its contact center. The airline confirmed the breach in early July and stated that the attack shared similarities with intrusions linked to the Scattered Spider group.
Qantas updated its disclosure and confirmed that the personal data of approximately 5.7 million customers was exposed. Around 4 million records, including names, email addresses, and Frequent Flyer details, come with tier level, points balance, and status credits. The remaining 1.7 million included combinations of addresses, phone numbers, dates of birth, gender, and meal preferences.
Many of these hacking gangs are headquartered in Russia or other former Soviet countries, some of which are thought to have ties to the Russian state. But there have been plenty of arrests elsewhere. British and American teenagers are accused of recent large cyber-attacks against Las Vegas casinos, M&S, Co-op, and Transport for London.
