• Cyber attack on Collins check in software disrupted Heathrow, Brussels and Berlin
• British Airways avoided major impact using a backup while other hubs went manual
• RTX said the issue was limited to electronic check in and bag drop and is working on restoration
• Outage exposes single vendor concentration risk across multiple airports and airlines
• Airports clearing backlogs while reassessing continuity, segmentation and failover
• Expect tighter contracts and drills on recovery time and incident reporting
• Regulators focus on operational resilience for aviation infrastructure
• Dual vendor or independent fallback options back on the table
• 2023 data leak reminder that aviation tech is a target
• Resilience becomes a competitive differentiator for peak travel seasons

The cyber attack that crippled Collins Aerospace’s check-in technology did more than delay flights – it proved that a single point of failure in supply chains can infect multiple businesses that depend on the same software infrastructure.

Over the weekend, Heathrow warned of possible delays as Collins, a unit of RTX, grappled with what it called a cyber-related disruption to its MUSE software. 

British Airways avoided the brunt thanks to a backup, while Gatwick and Luton reported no impact. Brussels and Berlin, though, were not as fortunate, reverting to manual processing that impacted passenger and luggage check-in, and forced cancellations and diversions.

The impact has lingered, with airports still clearing residual queues over the last two days, even as manual procedures and backups blunted the worst effects. 

RTX reiterated that the disruption was limited to electronic check-in and baggage drop and could be mitigated with manual operations, and said restoration efforts were ongoing. 

The incident follows a 2023 data leak claimed by ransomware group BianLian involving partner-company personnel details, highlighting that aviation technology providers sit squarely in the sights of threat actors.

What turned a software outage into a continental headache was concentration risk within vendor partnerships. 

For years, airlines and airports have standardised on a handful of platforms to tame complexity and cost. 

The payoff is efficiency - until a shared dependency fails. When that happens during busy travel periods, workarounds are labour-intensive, turnaround times lengthen, and on-time performance sags.

The immediate playbook is familiar: fall back to paper, throttle departures to match manual throughput, and ask passengers to verify flight status before heading to the airport. 

The next steps are harder, and involve sharper risk management frameworks. Airport operators and airline boards will now press for evidence that their providers can segment critical functions, roll out clean environments quickly, and keep operations running even as investigations proceed. 

All of this boils down to tougher contract clauses on incident reporting, recovery time objectives, and rehearsed failover.

Airlines will also be forced to revisit their own preparedness. British Airways’ ability to sidestep major disruption underlined the value of local backups, alternative DCS pathways and trained staff who can pivot under pressure. 

Others will weigh dual-vendor strategies where viable, or at least independent fallback capabilities for check-in and baggage at key stations. The goal is not redundancy everywhere, but resilience where it matters most.

And in a world where scrutiny is growing, the regulators are watching. 

Europe’s push on operational resilience increasingly asks critical infrastructure - and aviation qualifies - to demonstrate that single-supplier risk is identified, tested and governed. 

For airports, that translates into renewed tabletop exercises with ground handlers, clearer escalation with technology partners, and better passenger communications when electronic systems falter.

None of this diminishes the role of providers like Collins. Centralised systems knit together complex journeys across airlines and borders. But the bargain between efficiency and fragility is being recalibrated. 

After this outage, boards will seek more transparency into patch cadence, privileged-access controls and the blast radius of future incidents.

Travellers are being urged to verify flights before leaving home, arrive at the time recommended by the airline recommends, and expect occasional friction as systems are restored. 

For the industry, the message is sharper. One hack should not stall many hubs. Resilience is now a competitive advantage - and a licence to operate.