Heathrow faces second day of travel disruption after cyberattack hits check-in systems
Collins Aerospace Muse software disruption causes widespread delays at Heathrow and other European hubs as authorities monitor the incident
Thousands of travelers faced a second day of travel chaos on Saturday as a cyberattack disrupted Heathrow's electronic check-in and boarding systems, forcing manual processing and prompting widespread delays and cancellations across hundreds of flights. The outage, tied to Collins Aerospace's Muse software, affected multiple airports that rely on the same system to manage check-in desks and boarding gates.
The disruption began on Friday and rippled through Europe, with Brussels and Berlin airports reporting longer wait times and flight schedule disruptions on Saturday. Brussels Airport said the cyberattack affected an external service provider used for check-in and boarding, adding that the service provider was actively working to resolve the problem and that the disruption would delay and cancel flights. Berlin Airport also noted longer lines at check-in as the system struggled to recover. Heathrow officials cautioned travelers to monitor status updates and plan for longer processing times, stressing that some flights would continue to operate while others faced delays.
Heathrow said on its site that it was continuing to resolve and recover from the outage and urged passengers to check their flight status before traveling to the airport, arriving no earlier than three hours for long-haul and two hours for short-haul flights. At Terminal 4, passengers faced queues and confusion over whether they would be able to make their trips as check-in and baggage-drop processes remained disrupted. British Airways, operating from Terminal 5, was reported to have avoided major delays thanks to a backup system, but most other airlines using Heathrow were affected.
The National Cyber Security Centre, the UK’s public-facing arm of GCHQ, said it was coordinating with Collins Aerospace, affected UK airports, the Department for Transport and law enforcement to understand the attack’s impact. The European Commission, which oversees airspace management with EUROCONTROL, ENISA and aviation authorities, said there were no signs the cyberattack was widespread or severe, and that aviation safety and air traffic control remained unaffected as investigators assess the incident.
Collins Aerospace issued a statement saying it was “aware of a cyber-related disruption to our Muse (multi-user system environment) software in select airports” and that it was working to restore full functionality as quickly as possible. The company noted that the impact was limited to electronic customer check-in and baggage drop and could be mitigated with manual check-in operations. Muse is designed to allow multiple airlines to use the same check-in desks and boarding gates at an airport, a feature intended to streamline operations but now vulnerable to systemic disruption when the software is compromised.
RTX, the US parent company of Collins Aerospace, confirmed it was aware of the disruption and was working to resolve the issue. The firm underscored that the effect was confined to electronic check-in and baggage drop, with other airport operations continuing to run as normal.
In parallel to the official responses, security analysts and former intelligence officers noted that the attack arrived amid heightened geopolitical tension, with observers pointing to similarities to recent cyber activity attributed to Russia-linked groups. Officials cautioned that while the incident appears localized to specific systems, the full extent of the breach was still under investigation.
The incident underlines vulnerabilities in automation-dependent aviation infrastructure and the importance of robust manual contingencies and backup systems. Airlines and airports said they would continue to work with Collins Aerospace to restore full Muse functionality and to minimize disruption to travelers while the investigation proceeds.
As the investigation unfolds, travelers are advised to monitor airline and airport advisories, check flight status before departing for the airport, and allow extra time for check-in and security screening where possible. With authorities coordinating across national and European agencies, the focus remains on restoring normal operations while safeguarding critical aviation services.