A cyberattack against the provider of automated check-in and boarding systems has forced airports in Brussels, Berlin and London Heathrow to revert to manual processing, causing major flight delays and cancellations on Sept. 20.
Reuters reported that the disruption began early Saturday and affected multiple European airports, leaving passengers facing long queues and uncertainty about their flights.
Airports said their automated systems went offline after the attack, requiring staff to handle passenger check-ins manually. The outage led to widespread disruption across affected hubs, while some airports, including Frankfurt, confirmed they were not impacted. Airlines and airport authorities advised travelers to verify their flight status before heading to the airport.
Systems Taken Offline by Cyberattack
The service provider targeted by the attack has not been publicly named, but its systems are used across several European airports for check-in and boarding functions. The attack forced a fallback to paper-based and manual processes, slowing operations and straining staff capacity at high-volume international gateways. The incident coincided with one of the busiest travel weekends in September, compounding the effects of delays and cancellations.
Reuters said that Brussels Airport and Berlin’s airports were among the first to report difficulties, while London’s Heathrow confirmed that check-in operations were affected. Passengers experienced extended waiting times, and in some cases flights were either delayed or canceled. Airports stressed that safety and security were not compromised, but acknowledged that service levels had been significantly reduced by the loss of automation.
Impact Across European Hubs
Frankfurt Airport said it was not affected by the outage, underlining that the disruption was not uniform across Europe. Other airports in the region are assessing whether their systems were impacted or if preventive shutdowns were necessary. Several carriers that operate extensively through Brussels, Berlin and Heathrow faced operational challenges, although no specific airline was named as disproportionately affected.
The cyberattack highlighted the dependency of airport operations on centralized service providers. Automated check-in and boarding systems are critical for handling passenger volumes efficiently, and disruptions to these systems quickly cascade into delays. With staff forced to process passengers manually, even routine departures took significantly longer than scheduled, placing additional pressure on flight schedules throughout the day.
Authorities said the provider was working to resolve the issue, but did not offer a timeline for full restoration. The outage underscored ongoing vulnerabilities in aviation technology systems, where a single point of failure can disrupt operations across multiple countries. The immediate priority remained restoring functionality and informing travelers of changes to flight schedules.
Passenger Advice and Response
Airports urged travelers to confirm their flight status with airlines before leaving for departures. The disruption created crowded check-in halls and long waiting times, particularly in Brussels and Berlin, where passengers were seen queuing for hours. Heathrow officials said that flights continued to operate but with slower processing and some cancellations due to the backlog.
Reuters reported that passengers faced confusion as information boards lagged behind real-time changes. Manual announcements and assistance from ground staff were used to direct passengers through altered procedures. Travelers were advised to allow extra time for all stages of the check-in and boarding process until the automated systems are restored.
New details reveal the cyberattack targeted a defense contractor tied to NATO, raising fresh questions about its scope and motives — read the full update here.
History: Aviation Sector and Cyber Threats
This incident is the latest in a series of cyberattacks targeting critical infrastructure in Europe. Aviation systems have increasingly become a focus for hackers due to their reliance on centralized software providers and the high impact of even short disruptions. While airlines and airports maintain contingency plans for manual operations, such measures are not designed to handle full-scale outages at multiple major hubs simultaneously.
The European aviation sector has invested heavily in digital transformation, including biometric boarding, electronic check-in, and integrated security systems. These advances have improved efficiency but have also expanded the attack surface for cyber threats. The Sept. 20 disruption demonstrated how quickly a cyberattack can translate into operational and economic consequences for airlines, airports, and passengers.
Security experts have warned that airports and airlines remain vulnerable to both state-backed and criminal cyber actors. The scale of the disruption at Brussels, Berlin and Heathrow indicated that the attack targeted core systems rather than peripheral services. Authorities did not comment on the source of the attack or whether investigations had identified those responsible.
European regulators are expected to review the incident in the coming days to assess whether additional resilience requirements are needed for aviation service providers. Airlines and airports are also likely to reevaluate their backup systems and crisis response protocols in light of the delays and cancellations experienced by thousands of passengers on Sept. 20.
For now, passengers are being told to check airline websites and follow airport advisories closely. Restoration work on the affected systems continues, but the disruption has already forced travelers across Europe to adjust their plans, underscoring the vulnerability of air travel to cyber risks.
Photo Credit: Sashkin / Shutterstock.com
