On Monday morning (22.09.2025), the European Cyber Security Service (ENISA) had published a statement stating that the cyberattack that hit large European airports It was due to malware ransomware software. However, later in the day, the Reuters agency broadcast clarification, noting that Enisa withdrew any reference to ransomware.
The service, however, re -confirmed that the problems observed since Friday in automatic passenger registration systems were caused by cyberattack. At the same time, he stressed that the law enforcement authorities have begun an investigation to identify the origin and the perpetrators.
The announcement is still the first official confirmation that extensive malfunctions were due to malicious cyberattack.
On Monday, the malfunctions continued at the influenced airports. Collins Aerospace, the company that manages the automatic check-in systems, said it is working closely with the airports affected-between Brussels and London’s Head, Europe’s largest airport-and that it is in the final stage of upgrading its software.
At Berlin Airport, where increased passenger traffic was recorded on Monday due to the city’s marathon, registration systems had not yet been restored, resulting in delays exceeding one hour departures.