Passengers at some of Europe’s major airports faced serious difficulties again on Sunday after a cyberattack hit flight check-in systems on Saturday, causing massive cancellations and long queues at terminals.
Brussels Airport confirmed that 50% of flights on Sunday, September 21, will be canceled due to ongoing problems with the electronic check-in system.
“We have asked airlines to cancel half of their flights to avoid chaos and last-minute cancellations,” an airport spokesman said.
Eurocontrol, the European air traffic management agency, asked airlines to reduce schedules to and from Brussels until Monday.
London’s Heathrow Airport reported delays for several airlines due to a “technical issue” with its check-in system. British Airways has switched to a backup system and is operating normally, but many other companies continue to face disruptions.
In Berlin, Brandenburg Airport recorded long waits and significant delays.
US company RTX, owner of Collins Aerospace, confirmed that its Muse system – a shared software for passenger check-in and baggage delivery – was the target of the cyberattack. Muse is used by a large number of airlines in shared terminals. Investigations into the origin of the attack are ongoing, while Collins Aerospace has not yet publicly explained its nature.
The European Commission said it was “closely monitoring” the situation, saying there was no evidence of a wider threat so far. According to the FlightAware platform, hundreds of flights were delayed across Europe since Saturday. In Ireland, Dublin and Cork airports reported only “minor impact” as some airlines switched to manual check-in. EasyJet and Ryanair, which do not use the Muse system, said they were operating normally.
Meanwhile, in Dublin, a separate incident caused the temporary evacuation of Terminal 2, after an alarm about suspicious luggage turned out to be harmless.
Cybersecurity experts say the attack highlights the aviation industry’s vulnerability to attacks on its digital infrastructure. There are unconfirmed suspicions that hackers linked to Moscow may have been involved, but analysts recall that most major attacks in recent years have been the work of criminal groups seeking financial gain through extortion.
In July, a global outage caused by a faulty CrowdStrike update temporarily paralyzed air travel in the US – once again demonstrating aviation’s critical reliance on digital systems.