live and let's fly - fly another day with matthew, p
Travel Technology

Europe’s Airports Disrupted By Cyber Attack On Collins Systems

Posted on1 Comment

A cyber-attack on Collins Aerospace’s check-in software is disrupting airports in Europe. What we know, what caused it, and what this means for travelers.

Brussels Airways aircraft in Brussels Belgium

Flight Systems Down In Multiple Countries

Late on Friday night the check-in and boarding systems at several big European airports suddenly stopped behaving. The culprit is a cyber-incident targeting Collins Aerospace’s MUSE software, which handles electronic check-in, baggage drop and how boarding passes and bag tags are printed.  Because those systems went down, automated check-ins and baggage drops at desks aren’t working in some places so airport staff have gone back to manual methods. 

According to reports, airports affected include Heathrow in London, Brussels, Berlin among others.  The knock-on effects are cancelled or delayed flights, long queues, frustrated travelers. 

How It Began And Where It Might Have Started

According to reports, the disruption at Collins Aerospace was first spotted late on Friday.  There is no verified indication that the first reported incident in the US was part of this, or that what was seen in the US triggered the European attack. No trusted sources confirm a US-origin event that precedes the Friday night outage in Europe but Dallas experienced a significant traffic issue which was reported at the time to involve air traffic control communication. 

The Metro has it wrong:

“The disruption began in America, when an air traffic outage brought flights across the US to a standstill.” – Metro UK

So while Collins is a US-based company and the systems are global, all confirmed disruptions so far are at European airports, not at US airports.  Speculation about a US beginning seems to stem from conflation with other cyber-incidents or misunderstanding of what “service provider being US-based” means. The current evidence does not show a clear US start to the attack that then spread.

When Things Might Return To Normal

Full normal operations aren’t restored as of this writing on Sunday night, September 21st, 2025. Brussels airport, for example, has asked airlines to cancel many departures for Monday because Collins has not yet delivered a secure updated version of the affected check-in system.  In Heathrow and Berlin, some improvement was reported by Sunday, but delays and disruptions are still being felt. 

Travelers should watch departures closely. If you have a flight soon through one of the affected airports:

  • Check your flight status ahead of heading to the airport. 

  • Use online or self-service options if available. Kiosks and self bag-drop in many places are still working. 

  • Arrive earlier than usual. Manual check-in takes longer. 

Given that the issue is limited to certain systems (check-in desks, baggage drop), safety of flights, air traffic control and boarding overall aren’t reported to be compromised. 

Collins’ Data Breach

Security experts point out that when a third-party provider like Collins is breached or suffers a serious software failure the downstream effects are huge. One weak link in a system used by many airports means many disruptions.  There is speculation whether this was ransomware, a malicious hack, or some other cyber sabotage. No group has claimed responsibility so far. 

There is also uncertainty about exactly how the attacker got in, how long the systems have been vulnerable, and how quickly a fully secure version of the system can be rolled out globally. Some airports will recover faster than others depending on how they share resources with Collins, how reliant they are on desk check-in, and how many staff and backups they have. 

While this has been messy, recovery is underway. Heathrow and Berlin are showing signs of improvement. Brussels remains hardest hit but is trying to limit upcoming disruptions by cancelling flights in advance. For most travelers the advice is simple: expect delays, double-check flight status, use whatever non-desk check-in you can, give yourself more time.

Conclusion

The cyber-attack on Collins Aerospace has exposed how much modern air travel depends on third-party software systems. What began late Friday with disruption to MUSE, the check-in and baggage software, has rippled across major European hubs. While speculation about a US first event remains speculative, there is no confirmed first incident in the US. Normality won’t snap back immediately but the airports are making progress. Delays, cancellations, longer queues and possibly cancelled flights remain a concern.

What do you think?

About Author

Kyle Stewart

Kyle is a freelance travel writer with contributions to Time, the Washington Post, MSNBC, Yahoo!, Reuters, Huffington Post, Travel Codex, PenAndPassports, Live And Lets Fly and many other media outlets. He is also co-founder of Scottandthomas.com, a travel agency that delivers "Travel Personalized." He focuses on using miles and points to provide a premium experience for his wife, daughter, and son. Email: sherpa@thetripsherpa.comEmail: sherpa@thetripsherpa.com

Follow us on FacebookFollow us on Twitter

Related Posts

1 Comment

  1. Flygar1 Reply

    So actaully MUSE isn’t a check-in software in itself. It is used at common use workstations where it hosts each airlines own check-in systems. So the cmmon use interface is what went down.

    If it is an airline’s own preoprtary workstation then there would be,d be no need for MUSE.

Leave a Reply

Privacy Policy © Live and Let's Fly All Rights Reserved. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Live and Let's Fly with appropriate and specific directions to the original content.