A cyberattack disrupted check-in systems at several major European airports starting late Friday, September 19, 2025, continuing into Sunday, September 21, 2025, and causing extensive flight cancellations and delays. The incident affected airports in Brussels, Berlin, and London, while many others remained unaffected. Brussels Airport was identified as the hardest hit, with airport authorities requesting the cancellation of nearly 140 departing flights scheduled for Monday, September 22, 2025. This step was taken because Collins Aerospace, a U.S.-based technology provider, was not yet able to deliver a secure version of its compromised software. The disruption began with problems in issuing boarding passes, bag tags, and processing luggage, forcing airlines to rely on manual systems. Data from Brussels Airport confirmed that 25 flights were canceled on Saturday, September 20, 2025, and 50 flights on Sunday, September 21, 2025, highlighting the severity of the situation.

The cyberattack was directed at the check-in desk systems, while self-service kiosks, online check-in, and air traffic control remained functional. Airport staff used handwritten boarding passes and backup laptops to assist passengers, leading to long waiting times. Experts suggested that the attack could have been carried out by hackers, criminal organizations, or even state actors, although no group has yet claimed responsibility. The European Commission clarified that aviation safety was not at risk, but the disruption underlined vulnerabilities in airport technology. Collins Aerospace, a subsidiary of RTX Corporation, announced that the issue was limited to customer check-in and baggage drop and that mitigation was possible with manual procedures. The company added that work was ongoing to deliver a secure update. Analysts emphasized that such cyber-related disruptions pose a significant challenge for international travel, reflecting the precarious dependence of airports on complex digital infrastructure.