Massive Cyber Attack Disrupts Airlines: Heathrow and European Airports Hit
LONDON — A major cyber attack targeting Collins Aerospace’s MUSE check-in software has caused widespread disruptions at several European airports today, including Heathrow, Berlin Brandenburg and Brussels. Automated check-in, boarding and baggage systems went offline, forcing staff to revert to manual processes and triggering flight delays and cancellations.
What Happened
The issue began on the evening of Friday 19 September 2025, when the service provider for check-in and boarding systems reported a cyber-related disruption. The provider is Collins Aerospace’s MUSE (Multi-User System Environment) software. Heathrow noted that the problem is with the third-party provider, not its air traffic control systems.
Airports affected switched to manual check-in, baggage drop and boarding. At Brussels, several flights were cancelled; Berlin reported long delays. Although Heathrow was impacted, some airlines there were less affected due to backup systems.
Eyewitness & Official Reactions
Passengers described chaotic scenes: long queues, delayed check-ins, and confusion. Some travellers said they were not notified about the problem until arriving at the airport.
The UK Transport Secretary, Heidi Alexander, said she was being kept updated on the incident and advised travellers to check flight status before travelling. Brussels Airport called the impact “large” initially. Collins Aerospace said it is working to restore full functionality as quickly as possible.
Wider UK Cyber Threats: A Surging Trend
This attack comes amid increasing cyber threats in the UK over the past year. According to the National Cyber Security Centre (part of GCHQ), the frequency and severity of “nationally significant” cyber-incidents have doubled. The UK is facing more attacks involving ransomware, data theft, and threats to critical infrastructure.
Richard Horne, Chief Executive of the NCSC, has warned that the UK “cannot be complacent about state-led threats or the volume of the threat posed by cybercriminals.” He noted that attacks targeting supply chains, software providers, and third-party services are particularly dangerous because they can cascade across many organisations.
What This Means: Risks & Implications
- Critical infrastructure vulnerability: Centres like airports are especially at risk when third-party providers (like Collins Aerospace) are attacked, since many airlines rely on shared tech systems. A failure in one provider can ripple across many airports.
- Operational chaos: Manual operations are slower, more error-prone, and cannot scale easily. Travelers face cancellations, missed connections, and baggage problems. Airlines may incur large costs and reputational damage.
- Data security risk: Though no data breach has yet been confirmed in this incident, systems used for check-in often store personal identification, flight, and travel history data. A compromised backend could expose sensitive personal data.
- Regulatory and policy pressure: Pressure will grow on government agencies like the NCSC and on regulators to enforce stronger cybersecurity requirements, especially for third-party providers.
Quotes & Expert Commentary
From GCHQ / NCSC perspectives:
“The UK is facing increased hostile activity in cyberspace. Organisations must treat cybersecurity not as optional but as foundational to their operations. Supply chains and third-party vendors are often the weakest link.” — Richard Horne, Chief Executive, NCSC
Independent experts also weighed in:
“This incident demonstrates just how interconnected the aviation ecosystem is. A flaw at one service provider can cascade and cause widespread disruption. Resilience must include backups, redundancy, and constant auditing.” — Cybersecurity consultant not named in public reports. (Paraphrased from expert commentary across media)
Historical Context & Precedents in the UK
Over the past year, multiple significant cyber-events have impacted UK organisations:
- The number of “nationally significant” incidents has doubled, with around 200 such cases recorded in recent months compared to fewer in previous years. Many involve ransomware, critical infrastructure or high-value data.
- Companies like Marks & Spencer, the Co-op, and Harrods have suffered high profile attacks, demonstrating that retail and private sector firms are not immune.
- The UK Electoral Commission suffered a data breach affecting voter records; large scale data thefts and leaks (public registers, third-party services) have become more frequent.
What Should Be Done Next
Policy makers and industry leaders are likely to call for:
- Stricter regulation of cybersecurity for third-party software providers, especially those servicing critical infrastructure like transport, health, and energy.
- Mandatory standards for redundancy and fail-safe systems so that when software systems fail, operations can switch to safe backup plans without major disruption.
- Greater transparency and incident reporting so that cyber-events are shared quickly and lessons are learned across organisations.
- Investment in cyber-defence and skills, especially for organisations that may be underprepared, such as regional airports and smaller suppliers.
- Collaboration between government, industry, intelligence agencies (like GCHQ), and international allies to monitor, deter, and where necessary retaliate against attacks on critical systems.
The Stakes for Citizens & Travellers
For travellers, this incident means delays, uncertainty, cancelled flights, and missed connections. For regular citizens, it is a reminder that many services depend on invisibly complex digital systems. Failures or attacks in these systems can ripple into daily life beyond just travel.
For the government, the cost is not just financial but reputational. Repeated cyber-events erode public trust and raise the question: is the UK doing enough to protect its infrastructure?
Fidelis: For Those Who Still Value Truth
Fidelis News is free to read, but not free to make. If you value independent journalism, please consider supporting us:
By Fidelis News Staff — 20 September 2025
