European airports face prolonged check-in glitch after cyberattack

For travellers, disruption translated into long lines and frustration

Some of Europe's key air hubs continued to battle severe disruption over the weekend following Fridays cyberattack

Some of Europe's largest airports continued to battle severe disruption on Sunday following a cyberattack that struck check-in and boarding systems provider Collins Aerospace on Friday.

The attack has forced airlines and passengers to contend with long delays, cancellations, and uncertainty heading into the new workweek.

The incident, which began on Friday, targeted Collins Aerospace's MUSE software, a widely used system for passenger check-in and baggage drop.

The disruption rippled through several major hubs including London's Heathrow, Berlin Brandenburg, and Brussels Airport.

While manual check-in operations have helped soften the blow, officials say normal service has yet to be fully restored.

For travellers, the disruption translated into long lines and frustration.

Brussels Airport, one of the hardest hit, asked airlines to cancel half of all scheduled departures for Monday after Collins Aerospace failed to provide a secure, updated version of its software in time.

On Sunday, 50 of 257 planned departures were cancelled, compared with 25 cancellations out of 234 flights on Saturday.

At Heathrow, Europe's busiest airport, officials said disruption eased considerably by Sunday, with "the vast majority of flights continuing to operate" and only minimal delays.

Aviation data firm Cirium confirmed delays at Heathrow were "low," while Berlin faced "moderate" issues and Brussels endured "significant" disruption.

Berlin Brandenburg Airport acknowledged lingering problems but said its manual workarounds were keeping operations close to normal.

"Occasionally, there are longer waiting times at check-in, boarding, baggage handling and baggage reclaim," the airport said in a statement.

Airlines scramble to adapt

Several major carriers said they were largely insulated from the disruption. EasyJet reported normal operations on Sunday, while Delta Air Lines said it was using a workaround to minimise delays. United Airlines described the impact as "minor," with no cancellations.

RTX, the parent company of Collins Aerospace, acknowledged the software outage but said that the disruption was limited.

"The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations," the company stated.

Collins Aerospace said Monday it was in "the final stages" of rolling out software updates to restore full functionality at the four affected airports.

Still, officials in Brussels cautioned that until those fixes are in place, passengers should brace for continued disruption.

The source of the attack remains unclear. Both British and German cyber-defence authorities said they were in contact with airports, while the European Commission stressed there were no indications of a widespread attack.

Heidi Alexander, the UK's Transport Minister, noted that she was receiving frequent briefings on the issue.

Experts cautioned that the incident reflects the fragility of aviation's digital backbone.

"The impact of the incident highlighted the fragile and interdependent nature of the digital ecosystem underpinning air travel," said Rafe Pilling, director of threat intelligence at cybersecurity company Sophos.

Similar large-scale outages are often linked to ransomware, in which hackers cripple networks to extort payment or deliberate digital sabotage.

Europe has already seen significant cyber incidents this year, including breaches at Jaguar Land Rover that halted car production and attacks on UK retailer Marks & Spencer that triggered losses in the hundreds of millions of pounds.