Skip to content
The Gazette. Learn something new today and every day.

More Stories

‘Ransomware incident’ at Collins Aerospace cited in Europe airport disruptions

Attack targeted Cedar Rapids-based company’s MUSE software that underpins check-in, boarding and baggage systems

Bloomberg News

Sep. 22, 2025 6:20 pm

People stand in a line to check in after a cyber attack caused delays at Brussels International Airport in Zaventem, Belgium, Saturday, Sept. 20, 2025. (AP Photo/Harry Nakos)
People stand in a line to check in Saturday after a cyberattack on Collins Aerospace software caused delays at Brussels International Airport in Zaventem, Belgium. (Associated Press)

The Gazette offers audio versions of articles using Instaread. Some words may be mispronounced.

A cyberattack that forced airlines to cancel and postpone flights at several major European airports was caused by ransomware that disrupted the software used to process passenger check-ins, according to a European cybersecurity agency.

The incident, which began Friday, targeted a system called MUSE operated by Cedar Rapids-based Collins Aerospace. The platform underpins check-in, boarding and baggage systems for airlines worldwide. With kiosks and bag-drop machines offline, airports have been forced to rely on manual processing, slowing passenger flows.

The European Union Agency for Cybersecurity, or ENISA, confirmed in a statement Monday that the outage was “caused by a third-party ransomware incident.”

Ransomware is a kind of malicious software that hackers use to lock down a victim’s computer by encrypting its files. The hackers usually demand payment to unlock affected computers.

The attack affected major European transport hubs, including London Heathrow, Berlin Brandenburg Airport and Brussels airports over the weekend, resulting in dozens of canceled flights. Delays in London and Berlin had eased by Monday, but Brussels airport was still facing significant disruption.

Collins Aerospace didn’t immediately respond to a request for comment. Its parent company, RTX, previously said it was working to regain “full functionality to our customers as quickly as possible.”

Collins Aerospace over the weekend cited a “cyber-related disruption” to its software at "select” airports in Europe, according to the Associated Press.

Ihsane Lekhli, a spokesperson for Brussels Airport, said that of 277 departing flights scheduled for Monday, 40 had been canceled, while 23 arriving flights were canceled. The airport was asking passengers to check in online in advance, instead of checking in at the airport, where systems still were down.

“It is not yet clear when we will be able to switch back to the normal check-in and boarding system,” Lekhli added.

Disruptions have remained limited compared to Europe’s total daily air traffic, but the incident highlights the strain on airlines and airports when critical technology suppliers are disrupted, with recovery expected to remain uneven until Collins Aerospace restores full service.

This year has seen a sharp increase in cyberthreats against infrastructure and aviation. A June report by Thales SA, a French defense company, showed a 600 percent year-on-year increase in ransomware attacks in the aviation sector, with dozens of incidents affecting airlines, airports, navigation systems and services.

Article Tags Collins Aerospace, Aviation, European Union
Date Time Location Previous Next chevron-circle-right Funeral Home Facebook Bluesky X/ Twitter Linkedin Youtube Instagram Tiktok Reddit Email Print Buy RSS Feed Opens in new tab or window PDF
Daily NewslettersDaily Newsletters

Share this article: