Significant flight disruptions have affected several European airports since this weekend due to a cyberattack on external service provider Collins Aerospace, which impacted check-in and boarding systems. The incident led to delays and cancellations at Brussels Airport (BRU), London Heathrow (LHR), Berlin Brandenburg (BER), and Dublin Airport (DUB), disrupting travel across Belgium, Germany, the United Kingdom, and Ireland.
The cyberattack, which occurred overnight on 19-20 September, forced airports to operate manual check-in and boarding procedures. As of 22 September, Brussels Airport (BRU) reported approximately 40 departures and 23 arrivals cancelled, with average delays of around 30-60 minutes. Minor delays continued at London Heathrow (LHR), Berlin Brandenburg (BER) and Dublin Airport (DUB).
Key developments
- Flight operations at Brussels Airport (BRU) were severely disrupted on 20 September, with manual check-in and boarding required.
- By 21 September, 44 departing flights were cancelled, with delays continuing at London Heathrow (LHR) and Berlin Brandenburg (BER).
- As of 22 September, most flights were operating, but cancellations and delays persisted, mainly at Brussels Airport (BRU), with lingering issues reported at LHR, BER and Dublin Airport (DUB)’s Terminal 2.
- Travel routes connecting Belgium, Germany, the UK and Ireland were impacted.
Riskline’s response
Our team of analysts sprang into action, tracking the situation by leveraging real-time data of the cyberattack impact on Brussels (BRU), London Heathrow (LHR), Berlin Brandenburg (BER) and Dublin (DUB) airports.
- Timely updates: Six alerts issued between 20-22 September, keeping travellers informed on cancellations, delays and alternative routes.
- Actionable guidance: Advice to check flight statuses, allow extra check-in time and explore rebooking options.
- Global perspective: Continuous monitoring across affected countries to ensure accurate, practical insights.
Context and underlying causes
The disruptions stem from a cyberattack on Collins Aerospace, an external service provider handling check-in and boarding systems. The incident highlights the vulnerabilities of interconnected aviation IT systems, where a single supplier issue can cascade across multiple major international airports. This event underscores a stark reality: Aviation cyberattacks surged 600% from 2024-2025.
Forecast and outlook
- Short-term: Delays and cancellations may continue as airports restore full functionality.
- Medium-term: Airlines and passengers should expect continued operational impacts while systems are verified and stabilised.
- Long-term: Authorities and airport operators will likely review procedures and cyber resilience measures to prevent similar disruptions in the future.
Riskline travel advice
- Contact booking agents for updated itineraries, rebooking or refund options.
- Allow extra time at airports and monitor flight status before departure.
- Stay informed through official airport channels and Riskline alerts for the latest updates.
- Make contingency travel plans in case urgent travel becomes necessary.
Image credits: Shutterstock