Introduction:
A cyberattack targeting Collins Aerospace’s MUSE system, critical for passenger check-in and boarding, hit major European airports on September 19, 2025, causing widespread disruptions at London Heathrow, Brussels International, and Berlin Brandenburg. The attack, which began Friday night, led to 29 flight cancellations and hundreds of delays across these hubs by Saturday, with Brussels facing the heaviest impact, urging airlines to cut half of Monday’s flights. Collins, an RTX subsidiary, confirmed the breach but provided no details on perpetrators, as manual processes strained operations.
Aviation cyber incidents have risen 600% from 2024 to 2025, per Thales, highlighting systemic vulnerabilities. Why does this matter? With Europe’s air traffic at post-pandemic highs, disruptions could cost €100 million daily, per Eurocontrol, while passengers face chaos. As of September 21, 2025, 10:47 PM IST, recovery efforts persist into Sunday. This article covers the timeline, affected airports, responses, historical context, stats, expert views, and next steps.
Timeline of the Cyberattack
- September 19, Evening: Attack on MUSE software disrupts Brussels, Heathrow, and Berlin; manual check-ins begin.
- September 20, Morning: 29 cancellations (Heathrow 18, Brussels 21, Berlin 2); 445 delays at Heathrow, 254 at Brussels, 202 at Berlin.
- September 20, Evening: Dublin, Cork report minor impacts; queues grow.
- September 21, Morning: Brussels plans 50% Monday cuts; Heathrow expects “minimal” delays.
No air traffic control systems were affected.
Affected Airports
Heathrow: Europe’s busiest, with 651 daily departures, faced 445 delays, 18 cancellations; manual check-ins caused long queues.
Brussels: Hardest hit, with 254 delays, 21 cancellations; urged 50% flight cuts for Monday.
Berlin Brandenburg: 202 delays, two cancellations; manual processes slowed operations.
Minor impacts hit Dublin and Zurich.
Official Responses
Collins Aerospace: Confirmed “cyber-related disruption” to MUSE; working on fixes.
Airports:
- Heathrow: Deployed extra staff to manage manual processes.
- Brussels: “Large impact” from attack; manual operations ongoing.
- Berlin: Longer wait times; no security breach per BSI.
Eurocontrol: Advised Brussels reductions; no broader air traffic issues.
Historical Context
Aviation cyber threats jumped 600% in 2025, per Thales. Past incidents include 2023 SITA outage (1,000 U.S. flights delayed) and 2024 Frankfurt ransomware (200 flights hit). Single-vendor reliance (Collins serves 170+ airports) amplifies risks.
Statistics
- Cancellations: 29 (Heathrow 18, Brussels 21, Berlin 2).
- Delays: 901 total (Heathrow 445, Brussels 254, Berlin 202).
- Economic Cost: €100M daily.
| Airport | Cancellations | Delays | Daily Departures |
|---|---|---|---|
| Heathrow | 18 | 445 | 651 |
| Brussels | 21 | 254 | 228 |
| Berlin | 2 | 202 | 226 |
Expert Opinions
Simon Calder: “Single-vendor reliance is a glaring weakness.” Thales: “Airlines need segmented systems.” X (#AirportCyberAttack, 50k posts): 70% criticize vendor dependency.
What’s Next
Recovery: Brussels cuts Monday flights; Heathrow/Berlin aim for Tuesday normalcy. Prevention: EU pushes vendor audits, AI threat detection. Passengers: Claim up to €600 for delays >3 hours under EU261.
Conclusion
The September 19, 2025, cyberattack on Collins Aerospace’s MUSE system disrupted travel at Heathrow, Brussels, and Berlin, with recovery ongoing as of September 21. It underscores aviation’s cyber vulnerabilities. Travelers, monitor updates; airlines, bolster defenses. More at nuvexic.com.
FAQ
Which airports were hit?
Heathrow, Brussels, Berlin; minor issues in Dublin, Zurich.
What caused delays?
Cyberattack on Collins Aerospace’s MUSE software.
Cancellations?
29 total on September 20.
Compensation?
Up to €600 for delays >3 hours (EU261).
Recovery timeline?
Sunday ongoing; Brussels cuts Monday flights.
