Heathrow Airport Cyberattack What Happened, Who’s Affected, and What CISOs Should Know

Primary impacts hit Heathrow (London, UK), Brussels (Belgium), and Berlin (Germany). These three saw the most severe disruptions, with 29 total cancellations across them by September 20 midday. This was not an internal Heathrow IT failure, nor was it due to a software update issue (unlike the July 2025 Crowdstrike outage). The root cause lies in a third-party vulnerability within Collins Aerospace’s (RTX subsidiary) cloud-based Muse software for check-ins. A NATO-linked cybersecurity expert called the method “very clever,” reinforcing suspicions of a state-backed hybrid warfare effort amid Ukraine tensions. Other theories mention broader “cyber axis” (Russia, China, Iran, North Korea) testing infrastructure, but there’s no concrete evidence supporting those claims.

To read the complete article see: Read more