(LONDON HEATHROW) European airports spent the weekend wrestling with a crippling cyberattack on airline check‑in and boarding platforms, layered on top of fresh labor unrest that has rolled across several countries. Beginning Friday, September 19, a targeted hit on Collins Aerospace systems forced major hubs—including London Heathrow, Brussels, Berlin Brandenburg, and Dublin—to fall back on manual processing. By Sunday, September 21, operators said recovery was underway, yet delays and cancellations remained common, with Brussels suffering the heaviest strain.
Regulators and airport authorities urged travelers to arrive early, expect lines, and watch for last‑minute changes as carriers trimmed schedules to ease pressure on overstretched operations at key airports.
Latest conditions at key hubs
Heathrow reported that “the vast majority of flights” operated through the weekend, though queues built quickly at check‑in and baggage drop as staff typed passenger data by hand.
Brussels canceled 45 of 257 departures on Sunday—nearly 18%—and warned of 30–90 minute delays for many flights that did depart. Average waits at Brussels stretched to about an hour as ground teams coped with manual verification and slower boarding.
Berlin Brandenburg held to manual workarounds with moderate delays but few cancellations. Dublin kept most flights moving while urging travelers to arrive earlier than usual.
Across Heathrow, Berlin, and Brussels combined, authorities tallied 29 cancellations on Sunday as manual verification slowed processing and created knock‑on effects throughout the day.
What was affected and vendor response
Officials said the attack was focused on Collins Aerospace, a major supplier of airline and airport departure control software. The disruption toppled automated check‑in and gate systems across parts of Europe, forcing long paper‑based processes that multiplied small delays into missed slots and rolling queues.
A spokesperson for the European Commission confirmed an investigation and said there was no evidence of a broader systemic breach beyond the compromised systems. Collins Aerospace said teams are actively working to restore full functionality, while carriers continue to thin schedules, in some cases scrapping up to half of services to stabilize operations during peak periods.
Airlines told passengers to pack patience and expect crowds at peak times, especially mornings and late afternoons this week.
Why manual workarounds still slow everything down
Manual processing keeps planes moving, but it is a blunt tool at scale.
- Without automated check‑in, departure control, and baggage reconciliation, each step takes longer and creates fresh choke points.
- Names must be keyed in, documents checked by sight, and bags matched manually to passenger records.
- That friction leads to late passengers at the gate, missed slots, and aircraft that push back out of sequence.
Airlines depend on tightly timed turnarounds; when a few flights slip, downstream rotations grow ragged and the knock‑on effects reach other airports by evening. That dynamic explains why operators asked carriers to cancel up to half of trips during the peak recovery window.
Security teams also face a broader backdrop: aviation has seen a sharp rise in malicious activity, with one industry report citing a 600% increase in cyberattacks from 2024 to 2025. Analysts say the sector’s reliance on connected tools—reservation systems, departure control, biometric boarding, and baggage tracking—creates a large attack surface. When a core vendor is hit, many carriers and airports feel the impact at once.
According to analysis by VisaVerge.com, the clustering of suppliers across the airline technology stack means outages can cascade, even when only one company is targeted. Resilience depends on rehearsed contingency plans as much as on software defenses.
Passenger guidance and rights
Airports and airlines are urging passengers to take simple steps while systems stabilize:
- Arrive earlier than usual to allow for manual identity checks and slower baggage drop.
- Confirm flight status before leaving home and again upon reaching the terminal.
- Expect gate and time changes during the recovery window.
- Many carriers are waiving change fees or offering free rebooking within a limited window.
Under European rules, certain delays and cancellations may entitle passengers to assistance or compensation, but coverage varies depending on whether the cause is a strike, a cyber incident, or weather. For guidance, see the European Commission air passenger rights page.
Important: Keep boarding passes, receipts, and any written notices from the airline. If you accept a refund, confirm how checked bags will be returned.
Operational measures and continued precautions
Airport authorities said they will keep manual check‑in and baggage procedures in place where needed until vendor systems are fully restored. Eurocontrol has used rerouting and temporary relaxations in certain airspace rules to balance demand during the disruptions.
The European Commission said its review of the incident is ongoing. For now, neither officials nor industry sources have reported evidence of a wider breach beyond the affected systems, though investigators are still tracing the source and method of the attack as recovery advances day by day.
At individual airports:
- Heathrow: Terminal teams rolled out extra staff to guide queues, hand out water, and triage passengers with tight connections. Airline duty managers prioritized long‑haul departures where crew duty limits and slot availability are harder to rework.
- Brussels: Advised passengers to pack essential medicines and chargers in carry‑on bags, and to keep boarding passes and ID handy as they may be checked more than once.
- Berlin & Dublin: Echoed the same messages—patience, early arrival, and close attention to airline alerts.
Labor unrest compounding the situation
Pressure on airports was amplified by recent and ongoing strikes.
- In France, a national walkout on September 18 disrupted rail, metro, and some air services. The main air traffic control union, SNCTA, called off its action that day, but other unions pressed ahead, causing localized closures and capacity limits (including a full shutdown at Limoges and constrained operations at Basel).
- Authorities warned the next major French ATC strike is planned for October 7–10, 2025, which typically forces airlines to cut schedules—sometimes by up to 50%—and can slow overflights that never touch French soil.
- In Spain, rolling baggage worker actions will continue on select days, so weekend flights may face extra pressure even after the cyberattack subsides.
Looking ahead, the early October strikes represent the next major test: flights not touching France can still be rerouted or delayed because controllers manage some of Europe’s busiest corridors. Airlines often thin schedules preemptively to avoid airborne holding and crew timing out.
Practical advice for travelers
For families, students, and workers who rely on timely connections, the practical advice is simple and human:
- Build extra time into trips.
- Keep medications and a day’s essentials in your carry‑on.
- Print a copy of your itinerary and keep passport/visas easy to reach.
- If a tight connection looks impossible, speak with staff early—rebooking is easier before bags are loaded and boarding begins.
- If switching to rail or road, ask airlines what they can cover before you buy a new ticket.
When delays or cancellations occur:
- Airlines must usually offer meals after set wait times and hotels for overnight stays.
- For cancellations, passengers can usually choose a refund or rebooking.
- Entitlements may differ during strikes versus security incidents; policies vary by carrier.
- Document expenses (keep receipts) and keep written notices from the airline.
Final takeaways
- The cyberattack on Collins Aerospace disrupted automated check‑in and boarding systems across multiple European airports, forcing manual processing that compounded delays.
- Recovery was underway by September 21, but disruptions and schedule thinning continued.
- Labor actions across Europe — especially planned French ATC strikes in October — add another layer of risk to travel plans.
- Passengers should arrive early, monitor flight status closely, and keep documentation and essentials on hand.
Key reminder: For official passenger rights and compensation guidance, consult the European Commission’s air passenger rights page: https://transport.ec.europa.eu/transport-themes/passenger-rights/air_en
This Article in a Nutshell
A cyberattack on Collins Aerospace beginning September 19 forced airports across Europe—Heathrow, Brussels, Berlin Brandenburg, and Dublin—to revert to manual check‑in and boarding processes. Manual workarounds increased processing times, causing long queues, baggage delays, and cancellations; Brussels canceled 45 of 257 departures and reported many flights delayed 30–90 minutes. Collins Aerospace is working to restore systems while airlines trimmed schedules, in some cases cutting up to half of services to ease operational strain. The incident compounds existing labor unrest, with planned French ATC strikes in early October posing additional risk. Passengers should arrive early, monitor flight updates, keep documentation, and check EU passenger rights for rebooking or compensation.
