Major Cyberattack Cripples European Air Travel, Causing Widespread Disruption
BRUSSELS – September 21, 2025 – Air travel across Europe was plunged into chaos for a second consecutive day on Sunday, September 21st, as a sophisticated cyberattack continued to target critical airport systems, causing massive flight delays, cancellations, and leaving tens of thousands of passengers stranded.
The attack, which began in the early hours of Saturday, is believed to have hit a key software provider used for baggage handling, check-in, and flight planning at major hubs. Airports in Frankfurt, Amsterdam-Schiphol, London Heathrow, and Paris-Charles de Gaulle are among the worst affected, with operations grinding to a near halt during peak periods.
Passengers faced scenes of frustration and confusion, with long queues snaking through terminals as ground staff were forced to revert to time-consuming manual processing. Social media was flooded with images of crowded departure halls and piles of unloaded luggage.
“We are stuck here with no information. Our flight has been delayed three times and now it’s just listed as ‘indefinitely postponed.’ There’s no one to tell us what to do,” said Maria Jensen, a Danish tourist stranded at Amsterdam Airport.
Critical Systems Offline
While air traffic control and flight safety systems remain operational, the attack has severely impacted so-called “behind-the-scenes” infrastructure. Key systems for managing baggage logistics, allocating gates, and processing passenger manifests have been taken offline, creating a domino effect of disruptions.
A spokesperson for Frankfurt Airport, Europe’s third-busiest, confirmed the issues were linked to a “large-scale IT security incident” affecting a third-party vendor. “We are working around the clock with our partners and cybersecurity experts to restore full functionality. We ask for the patience of all travellers and recommend contacting their airline directly before coming to the airport,” the statement read.
Ransomware Suspected
Although no group has yet claimed responsibility, early analysis by EU cybersecurity agency ENISA points to a ransomware attack. This type of malware typically encrypts vital data, rendering systems unusable until a payment is made.
The European Union’s Agency for Cybersecurity (ENISA) is coordinating a response with national authorities. “We are facing a serious and coordinated cyberattack against European transport infrastructure. Our priority is to support the restoration of systems and identify the perpetrators,” an ENISA official stated.
Knock-on Effects and Travel Advice
The disruption is having a severe knock-on effect, with delays expected to ripple through global networks for days. Major carriers including Lufthansa, Air France-KLM, and IAG (the parent company of British Airways) have issued widespread travel waivers, allowing passengers to rebook or claim refunds.
Authorities are advising all passengers with travel plans in or out of Europe in the coming 48 hours to:
· Check their flight status directly with their airline before heading to the airport.
· Expect significant delays and pack essential items in carry-on luggage.
· Allow for extra time and exercise patience with ground staff, who are working under extreme pressure.
As investigations continue, the incident highlights the critical vulnerability of global travel networks to cyber threats and raises serious questions about the security of digital infrastructure upon which modern aviation depends.