What we know about the cyberattack that hit major European airports

Disruption at some European airports continued for a second day on Sunday after a cyberattack targeted check-in technology company Collins Aerospace.

The U.K.’s largest airport, Heathrow, was among those affected, along with Berlin and Brussels airports.

Brussels Airport said it expected heavy disruption and flight cancellations into Sunday as a result of the cyberattack.

Collins Aerospace “provides check-in and boarding systems for several airlines across multiple airports globally,” Heathrow Airport said in a post on X Saturday.

Collins’ parent company RTX said in a statement to Reuters that it was aware of “cyber-related disruption” to its MUSE software.

“The impact is limited to electronic customer check-in and baggage drop and can be mitigated with manual check-in operations,” RTX said in a statement emailed to Reuters. It added that it was looking to resolve the issue as soon as possible.

CNBC has contacted RTX for comment and is awaiting a response.

Aviation analytics provider Cirium told CNBC that 29 departures and arrivals were cancelled across Heathrow, Berlin Brandenburg and Brussels as of 12:30 p.m. London time Saturday.

All three airports issued updated statements Sunday.

Heathrow said it was working to “resolve and recover” following the Collins outage that impacted check-in.

“We apologise to those who have faced delays, but by working together with airlines, the vast majority of flights have continued to operate,” it said on X. “We encourage passengers to check the status of their flight before travelling to Heathrow and to arrive no earlier than three hours for long-haul flights and two hours for short-haul.”

Brussels said on its website Sunday that the cyberattack was having “a large impact on the flight schedule and unfortunately causes delays and cancellations of flights.” It advised travelers to check their flight status before leaving for the airport.

Berlin warned travelers of longer waiting times as a result of the “systems outage at a service provider.”

Dublin Airport was also affected but said it expects to operate a full schedule Sunday.

“Some airlines in Terminal 2 are continuing to use manual workarounds to generate bag tags and boarding passes. This means that the check-in and bag drop processes may take slightly longer than normal,” the airport said on X.

The attack on Collins Aerospace is the latest in a slew of cybersecurity breaches to have made the headlines.

Jaguar Land Rover said last week that it was extending a pause in production until Sept. 24 following a cyberattack. “We have taken this decision as our forensic investigation of the cyber incident continues, and as we consider the different stages of the controlled restart of our global operations, which will take time,” the company said in a statement.

While British retailer Marks & Spencer earlier this year said a recent cyberattack, which left food shelves bare and brought online sales to a standstill, would wipe out almost one-third of its annual profits.

However, Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, noted that the aviation industry was a particularly target for cybercriminals given its reliance on shared digital systems.

“These attacks often strike through the supply chain, exploiting third-party platforms that are used by multiple airlines and airports at once,” she said in an emailed statement. “When one vendor is compromised, the ripple effect can be immediate and far-reaching, causing widespread disruption across borders.”

To improve resiliency, she said aviation companies should ensure software systems are regularly updated and well-tested backup systems are in place. She also called for better information-sharing between the technology providers, airlines and governments.

“Cyberattacks rarely stop at national borders, so the faster one country can identify and report an attack, the faster others can take action to contain it,” she said. “A joined-up defence will be far more effective than siloed responses.”