Particle.news
Download on the App Store
20 ARTICLES
·
3h ago

EU Confirms Ransomware Behind European Airport Check-In Outages

Investigators are probing a hit on Collins Aerospace’s MUSE platform that left airports waiting for restored check-in systems.

Image
Image
A view of cancelled and delayed flight information displayed at a flight information board as technical issue causes by a cyberattack on a third-party system provider led to congestion in Heathrow Airport, in London, United Kingdom on September 20, 2025.

Overview

  • ENISA said the ransomware family has been identified and confirmed that law enforcement is investigating the third‑party incident.
  • The attack crippled Collins Aerospace’s ARINC/MUSE passenger‑processing software, forcing manual check‑in and boarding at hubs including Brussels, Berlin and Heathrow.
  • Collins, owned by RTX, said it is in the final stages of rolling out updates to restore functionality, though several airports still report delays and cancellations.
  • UK cyber authorities, including the NCSC, are working with affected airports, while Brussels resorted to iPads and laptops for check‑in and Berlin warned of longer waits.
  • Attribution remains unconfirmed, and reporting of an internal Heathrow memo describes more than 1,000 corrupted machines and signs of lingering compromise after an initial rebuild.