Several major European airports experienced operational disruptions following a cyberattack on a key provider of check-in and boarding systems.
The incident, which began on the evening of Sept. 19, forced airports such as Brussels and Berlin Brandenburg to switch to manual check-in and boarding processes.
Brussels Airport reported that the attack had a significant effect on flight schedules, while Berlin Brandenburg Airport disconnected affected systems as a precaution, according to 9News.
London Heathrow Airport, the busiest in Europe, also reported issues with its check-in and boarding systems.
In a statement, Heathrow attributed the disruptions to a technical problem affecting a third-party service provider.
Collins Aerospace, a US-based aviation and defence technology company and subsidiary of RTX Corp., was identified as the provider impacted by the cyber incident.
“We are actively working to resolve the issue and restore full functionality to our customers as quickly as possible. The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” the company said, as reported by 9News.
Qantas confirmed that its check-in terminals at Heathrow were affected, but anticipated no significant impact on its customers. The airline deployed backup devices at counters and encouraged passengers to use online check-in.
Qantas also noted that its Australian operations were not affected by the outage. Virgin Australia reported no disruption from the incident.
Airports in Paris, including Roissy, Orly, and Le Bourget, reported normal operations during the period. Travellers at affected airports were advised to monitor their flight status for updates.
The recent airport cyberattack follows a separate incident involving Qantas in July 2025, where a cybercriminal accessed a third-party customer servicing platform through a targeted attack on a call centre.
Qantas disclosed that personal data, including names, contact details, birth dates, and frequent flyer numbers, may have been compromised for up to six million customers.
The airline clarified that no frequent flyer accounts, passwords, PINs, or financial data were accessed.
“We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant,” Qantas said in a media release.
In Australia, companies continue to encounter a high frequency of cyber threats. According to WatchGuard Technologies, August 2025 saw more than 5,000 malware incidents and over 65,000 network-based attacks across the country.
The majority of detected malware comprised known variants, with a smaller proportion identified as zero-day threats. Phishing and credential theft tools were among the most common, reflecting the ongoing use of social engineering techniques.
Australia accounted for just over 1% of malware detections in the Asia-Pacific region, but represented 57% of blocked network attacks, according to WatchGuard’s analysis.
The volume of malware incidents rose sharply from June to July before declining significantly in August. Network attacks have shown a downward trend over the past two months.
