Although the impact on travelers was minimal, experts noted that the breach exposed weaknesses in security systems.

The disruptions initially affected electronic systems at Brussels, Berlin’s Brandenburg, and London’s Heathrow airports, necessitating manual check-in and boarding. Many other European airports reported that their operations remained unaffected.

“They had to write our baggage tabs by hand,” she said. “Only two desks were staffed, which is why we were cheesed off.”

Collins, an aviation and defense technology company under RTX Corp., previously Raytheon Technologies, announced it was “actively working to resolve the issue and restore full functionality to our customers as quickly as possible.”

“The impact is confined to electronic customer check-in and baggage drop and can be mitigated using manual check-in processes,” the statement read.

Airline industry is vulnerable through the use of third-party platforms

Still, experts said the attack pointed to vulnerabilities — ones that hackers are increasingly trying to exploit.

Charlotte Wilson, head of enterprise at cybersecurity firm Check Point, pointed out that the aviation sector has become an “increasingly attractive target” for cybercriminals due to its significant dependence on shared digital systems.

“These attacks often occur through the supply chain, targeting third-party platforms used by numerous airlines and airports simultaneously,” she stated. “When one vendor is compromised, the resulting ripple effect can be swift and extensive, leading to widespread disruption across borders.”

Experts said it was too early to tell who might be behind the attack, and were trying to read some clues.

“It looks almost more like vandalism than extortion, based on the information we have,” said James Davenport, a professor of information technology at the University of Bath in England. “I think significant new details would have to emerge to change this view.”