Massive Travel Disruption Strikes Heathrow, Brussels, and Berlin Airports, Over 50 Flights Canceled, with British, Lufthansa, easyJet, SAS, KLM, and More Hit by Devastating Cyberattack Chaos

Published on September 21, 2025

Heathrow, Brussels, and Berlin airports have been severely disrupted, with more than 50 flights canceled and many more delayed, impacting British Airways, Lufthansa, easyJet, SAS, and KLM. A cyberattack on Collins Aerospace’s MUSE software, which handles check-in and boarding for many airlines at these airports, was the root of the problem. Ever since Friday, MUSE’s systems have been under attack, compelling airlines to revert to manual systems of operations, further disturbing the business as usual framework. The aftermath is still being dealt with, as passengers are undergoing extreme delays and the airports are pinged with recovery operations.

A significant cyberattack targeting Collins Aerospace’s MUSE (Multi-User System Environment) software has caused widespread disruptions at some of Europe’s busiest airports, including London Heathrow, Brussels, and Berlin Brandenburg. The attack, which began on Friday night, has resulted in numerous flight cancellations, delays, and confusion for thousands of passengers. As the incident continues to affect the travel industry, airports and airlines are working together to restore normal operations.

This detailed report will outline the events surrounding the cyberattack, its impact on operations at major European airports, and what travelers need to know to navigate the chaos.

Overview of the Cyberattack

The cyberattack targeted Collins Aerospace, a major service provider for many airlines, causing significant technical failures in its MUSE software systems used for check-in and boarding operations. This software disruption led to delays at various European airports, including Heathrow, Brussels, and Berlin, where automated systems were rendered inoperative. Airlines were forced to revert to manual processes for check-in and baggage handling, leading to long queues and frustrated passengers.

Collins Aerospace acknowledged the disruption on Saturday, assuring that they were actively working to resolve the issue. The company explained that the attack primarily affected electronic customer check-in and baggage drop systems but could be mitigated through manual operations.

Impact on London Heathrow Airport (LHR)

As Europe’s busiest airport, Heathrow has experienced some of the most severe disruptions due to this cyberattack. The issue began on Friday night, continuing through Saturday, and into Sunday, causing significant operational challenges across the airport. Passengers were advised to check flight statuses before arriving at the airport, with Heathrow recommending three hours for long-haul flights and two hours for short-haul flights.

Key Stats at Heathrow:

• Total Delays: 14
• Total Cancellations: 9

Several major airlines operating out of Heathrow were affected, including British Airways, Brussels Airlines, United Airlines, Aer Lingus, Lufthansa, and others. Among the cancellations, British Airways saw the highest number of affected flights.

Flights Affected at Heathrow:

• British Airways: 4 cancellations and 6 delays (0% of flights)
• Brussels Airlines: 2 cancellations (25% of flights)
• United Airlines: 1 cancellation (2% of flights)
• Aer Lingus: 1 cancellation (2% of flights)
• Lufthansa: 1 cancellation (2% of flights)
• Air India: 2 delays (15% of flights)
• Cathay Pacific: 2 delays (18% of flights)
• Eurowings: 1 delay (4% of flights)
• Gulf Air: 1 delay (25% of flights)
• Virgin Atlantic: 1 delay (1% of flights)
• American Airlines: 1 delay (2% of flights)

Several cancellations were for destinations like Brussels, Berlin, Dublin, and New York. The disruptions also impacted other key international destinations including Frankfurt, Munich, and Paris.

Despite these issues, British Airways at Terminal 5 remained unaffected, with operations continuing as usual. It is believed that British Airways’ specific check-in and boarding operations were not impacted by the system failure that affected other terminals.

Impact on Brussels Airport (BRU)

Brussels Airport, a major European hub, was another airport severely impacted by the cyberattack. Airlines operating out of Brussels, including Brussels Airlines, Vueling, and easyJet, faced significant delays and cancellations due to the technical disruptions caused by the cyberattack. The airport quickly issued a statement urging passengers to check the status of their flights before heading to the airport.

Manual check-in and boarding processes were implemented, leading to increased wait times at the airport. Brussels Airport confirmed that the issue was tied to the Collins Aerospace software failure, and its team worked alongside airlines to mitigate the delays.

Key Stats at Brussels:

• Total Delays: 12
• Total Cancellations: 34

Flights Affected at Brussels:

• Brussels Airlines: 13 cancellations (6% of flights) and 9 delays (4% of flights)
• Vueling Airlines: 7 cancellations (53% of flights)
• SAS: 3 cancellations (25% of flights)
• easyJet: 3 cancellations (21% of flights)
• Air Baltic: 2 cancellations (5% of flights)
• CityJet: 1 cancellation (100% of flights)
• Aer Lingus: 1 cancellation (25% of flights)
• KLM: 1 cancellation (12% of flights)
• Aegean Airlines: 1 cancellation (20%)
• SAS Link: 1 cancellation (100%)
• British Airways: 1 cancellation (16%)
• TUI Fly: 2 delays (6%)
• Fly2Sky: 1 delay (12%)

In total, Brussels Airport experienced 34 cancellations, with several key European routes being affected. Flights to and from destinations like London Heathrow, Nice, Barcelona, and Munich saw cancellations. The airport’s staff worked hard to assist passengers, but the technical issues made recovery difficult.

Impact on Berlin Brandenburg Airport (BER)

Berlin Brandenburg Airport, another major European gateway, was also affected by the cyberattack. Passengers at Berlin Brandenburg Airport experienced long waiting times at check-in, as airlines struggled to process passengers manually. The airport confirmed that the disruption was a result of the same technical issues impacting other European airports.

Key Stats at Berlin Brandenburg:

• Total Delays: 27
• Total Cancellations: 4

Several airlines operating out of Berlin, including British Airways, Lufthansa, and easyJet, saw disruptions. Lufthansa was forced to cancel one flight, while easyJet was particularly hard-hit with 22 delays. British Airways also saw 3 of its flights to London Heathrow canceled.

Flights Affected at Berlin Brandenburg:

• British Airways: 3 cancellations (21% of flights)
• Lufthansa: 1 cancellation (2% of flights)
• Blue Bird Airways: 1 delay (50% of flights)
• Condor: 1 delay (12% of flights)
• Delta Air Lines: 1 delay (50% of flights)
• Eurowings: 2 delays (3% of flights)
• easyJet: 22 delays (22% of flights)

The delays at Berlin Brandenburg were especially significant for easyJet, which experienced the highest number of delays on the day. EasyJet’s operations in Berlin were among the most affected, leading to a frustrating experience for passengers heading to destinations like Palma de Mallorca, Copenhagen, and Vienna.

Minor Disruptions in Other Airports

While Heathrow, Brussels, and Berlin saw the most significant disruptions, a few other airports in Europe reported minor delays. Airports such as Dublin and Cork in Ireland saw some impact, but the delays were minimal compared to the widespread chaos at the major hubs.

For example, Dublin Airport reported only a few delays and cancellations, primarily affecting short-haul flights. Cork Airport, similarly, had some check-in and boarding delays, but no major cancellations were reported.

Other airports, such as Frankfurt, Charles de Gaulle, Orly, and Schiphol, were not impacted by the cyberattack, and operations continued as usual.

Ongoing Recovery Efforts

As of Sunday, September 21, the recovery process is still ongoing, and Collins Aerospace has confirmed that it is actively working to restore full functionality to its systems. Although many airports have reverted to manual check-in processes, efforts to bring back automated systems are continuing.

Heathrow Airport, in particular, has been urging passengers to check the status of their flights before traveling to the airport. While British Airways at Terminal 5 remains unaffected, other terminals at Heathrow have been dealing with the aftereffects of the disruption. Brussels and Berlin airports are also working hard to return to normal operations, although the process is expected to take time.

The European Commission has stated that it is closely monitoring the situation, noting that aviation safety and air traffic control have remained unaffected by the cyberattack. The Commission is working with European aviation authorities and cybersecurity experts to address the issue and help airports recover as quickly as possible.

The cyberattack on Collins Aerospace’s MUSE software has caused significant disruption at key European airports, including Heathrow, Brussels, and Berlin. While recovery efforts are underway, passengers are advised to remain patient and flexible as delays and cancellations continue to affect air travel. With the airline industry and airports working together to resolve the issue, it is hoped that full recovery will occur soon.

Advice for Travelers

For passengers affected by the ongoing disruptions, it is crucial to stay updated on flight statuses. Airlines and airports have been advising passengers to check the status of their flights regularly before heading to the airport. Passengers should also arrive earlier than usual, as manual check-in processes are taking longer than normal.

Long-haul passengers are advised to arrive at least three hours before their departure time, while short-haul passengers should aim to arrive two hours in advance.

What Lies Ahead for the Aviation Industry

This cyberattack has raised critical concerns about the vulnerability of the aviation industry’s digital infrastructure. With airlines and airports becoming increasingly reliant on automated systems, incidents like this serve as a stark reminder of the need for robust cybersecurity protocols.

In the aftermath of this disruption, airports and airlines will likely review their security measures and improve their systems to prevent similar attacks in the future. While the immediate recovery process is underway, it is clear that this incident will have long-lasting effects on the industry’s approach to cybersecurity.

Heathrow, Brussels, and Berlin airports have experienced extensive disruptions due to a massive cyberattack on Collins Aerospace’s MUSE software, forcing airlines to switch to manual check-in and boarding procedures, which has resulted in over 50 flight cancellations and delays.

Travelers are urged to check the status of their flights before heading to the airport and to allow extra time for check-in and security procedures. As the situation develops, it will undoubtedly lead to increased discussions about strengthening cybersecurity measures across the aviation industry to prevent similar incidents in the future.