Brussels Airport Company CyberSecurity Posture
brusselsairport.be
Brussels Airport is one of the largest airports in Europe, handling 23,6 million passengers and 733,000 tonnes of freight annually. Brussels Airport connects Belgium directly with 210 destinations worldwide, offered by 80 different airlines. With more than 1000 employees, Brussels Airport Company shapes one of the most important airports in Europe. Brussels Airport has grown into a strong economic hub in the heart of Europe, creating 30,000 direct and 55,000 indirect jobs.
Company Details
brussels-airport-company
1,378
77,794
481
brusselsairport.be
0
BRU_3045292
In-progress
Brussels Airport Risk Score (AI oriented)Between 700 and 749
Brussels Airport Global Score (TPRM)XXXX
Description: Brussels Airport experienced a cyberattack on Friday evening that crippled its passenger and baggage check-in systems, forcing manual processing and causing significant operational disruptions. The attack, which also affected other European airports, targeted a third-party service provider’s systems. As of Saturday, nine flights were cancelled, and 15 departed with delays, with no immediate resolution expected. Passengers were advised to confirm flight statuses before arriving, as the outage led to processing bottlenecks and potential further cancellations. An investigation is underway to assess the full extent of the damage, but the incident has already resulted in financial losses (e.g., compensation, operational costs), reputational harm due to publicized delays, and potential long-term trust erosion among travelers and partners. The attack disrupted critical infrastructure, highlighting vulnerabilities in supply chain cybersecurity and the cascading effects of third-party breaches on large-scale operations.
Description: Brussels Airport suffered a cyberattack targeting one of its third-party suppliers, severely disrupting its check-in and boarding systems. The incident caused widespread flight delays and cancellations for at least ten days, forcing the airport to deploy an emergency team of 20 IT experts to rapidly implement, configure, and test a new alternative system. Initially, only one-third of the 500 workstations were operational with the replacement system, while the remaining relied on temporary solutions. The attack strained airport operations, requiring round-the-clock efforts to restore functionality and mitigate ongoing disruptions. Though the airport claimed the situation was 'under control' with no further cancellations, the incident exposed critical vulnerabilities in its supply chain, highlighting the cascading effects of third-party cyber breaches on large-scale infrastructure. The financial and reputational damage included operational downtime, passenger inconvenience, and potential long-term trust erosion in the airport’s cybersecurity resilience.
Brussels Airport has 325.53% more incidents than the average of same-industry companies with at least one recorded incident.
Brussels Airport has 212.5% more incidents than the average of all companies with at least one recorded incident.
Brussels Airport reported 2 incidents this year: 2 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Brussels Airport cyber incidents detection timeline including parent company and subsidiaries
Brussels Airport is one of the largest airports in Europe, handling 23,6 million passengers and 733,000 tonnes of freight annually. Brussels Airport connects Belgium directly with 210 destinations worldwide, offered by 80 different airlines. With more than 1000 employees, Brussels Airport Company shapes one of the most important airports in Europe. Brussels Airport has grown into a strong economic hub in the heart of Europe, creating 30,000 direct and 55,000 indirect jobs.
Depuis 1933, la compagnie Air France porte haut les couleurs de la France à travers le monde entier. Avec une activité, répartie entre le transport aérien de passagers, le fret, la maintenance et l’entretien aéronautique, Air France est un acteur majeur du secteur aérien. Plus de 45 000 collaborateu
At Southwest®, everything we do—from our smiling People to our policies—is designed to let you go with Heart. No matter what comes up in your travels, we’ve got your back. Because while any airline can fly you, only Southwest lets you go with Heart. Application fees don’t fly. The only way to apply
Qatar Airways is the national airline of the State of Qatar. Based in Doha, the Airline’s trendsetting on-board product focuses on: comfort, fine cuisine, the latest in-flight audio & video entertainment, award-winning service and one of the youngest and most advanced aircraft fleet in the sky. Awa
How time flies. #18YearsOfIndiGo IndiGo is India’s largest passenger airline. We primarily operate in India’s domestic air travel market as a low-cost carrier with focus on our three pillars – offering low fares, being on-time and delivering a courteous and hassle-free experience. IndiGo has become
Marhaba! Welcome to Etihad Airways. We are proud to be the national airline of the UAE, flying to 100+ destinations via Abu Dhabi. At Etihad, we don't stop at the border of what's possible, we go beyond it. Proudly inspired by our Emirati identity, we are dedicated to delivering extraordinary trave
Turkish Airlines has soared to new heights since its first flight in 1933, becoming the airline that connects more countries than any other. Our commitment to excellence is reflected in the world-class service, comfort, and innovative travel experience we offer, designed to elevate every journey.
Ryanair Holdings plc, Europe’s largest airline group, is the parent company of Ryanair DAC, Lauda, Buzz and Ryanair UK. Carrying 160m+ guests p.a. on over 3,000 daily flights to/from 225 airports. Plan to carry 225m+ guests p.a. by 2026. Unfortunately, we are unable to answer customer service que
Welcome aboard Singapore Airlines on LinkedIn. Discover travel inspirations, business travel tips, cultural insights, our latest updates, and more. Singapore Airlines is a global company dedicated to providing air transportation services of the highest quality and to maximising returns for the ben
It all starts here. 23 years ago, a dream took flight - shaping and forever changing the travel industry in Asia. The idea was simple: Make flying affordable for everyone. We made that dream happen. We started an airline in 2001. Today, we’ve evolved to become something much bigger. We’re now a wo
.png)
Brussels Airport said it expected heavy disruption and flight cancellations into Sunday as a result of the cyberattack.
In 2025, European airports faced a rising wave of cyberattacks that disrupted operations, underscoring vulnerabilities in the digital...
A co-ordinated cyberattack breached PA and FIDS systems at three airports in Canada and one in the US, broadcasting chants and altering...
Cybersecurity has made it into the daily press again, and airports too. Sound familiar? What happened? At airports in Berlin, Brussels,...
From water systems to the electric grid, critical infrastructure has been under threat for decades. But 2025 cyber attacks against airports...
Operations at numerous European airports, including the continent's busiest, Heathrow Airport, were disrupted by a cyber attack affecting a...
The parent company of Collins Aerospace said the attack is not expected to have a material impact on financial results, according to an SEC...
A person has been arrested in connection with a cyber-attack which has caused days of disruption at several European airports including...
The EU Agency for Cybersecurity confirmed that ransomware was used in the attack.
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Brussels Airport is http://www.brusselsairport.be.
According to Rankiteo, Brussels Airport’s AI-generated cybersecurity score is 725, reflecting their Moderate security posture.
According to Rankiteo, Brussels Airport currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Brussels Airport is not certified under SOC 2 Type 1.
According to Rankiteo, Brussels Airport does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Brussels Airport is not listed as GDPR compliant.
According to Rankiteo, Brussels Airport does not currently maintain PCI DSS compliance.
According to Rankiteo, Brussels Airport is not compliant with HIPAA regulations.
According to Rankiteo,Brussels Airport is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Brussels Airport operates primarily in the Airlines and Aviation industry.
Brussels Airport employs approximately 1,378 people worldwide.
Brussels Airport presently has no subsidiaries across any sectors.
Brussels Airport’s official LinkedIn profile has approximately 77,794 followers.
Brussels Airport is classified under the NAICS code 481, which corresponds to Air Transportation.
No, Brussels Airport does not have a profile on Crunchbase.
Yes, Brussels Airport maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/brussels-airport-company.
As of December 04, 2025, Rankiteo reports that Brussels Airport has experienced 2 cybersecurity incidents.
Brussels Airport has an estimated 3,429 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes (in-depth investigation underway), and recovery measures with manual passenger processing, and communication strategy with public statement, communication strategy with advisories to travelers to confirm flight status before arriving, and incident response plan activated with oui (déploiement urgent de systèmes alternatifs), and third party assistance with oui (équipe de 20 experts informatiques dédiés), and containment measures with systèmes alternatifs d'enregistrement et d'embarquement déployés en urgence, and remediation measures with installation, configuration et tests accélérés des nouveaux équipements/logiciels sur 500 postes de travail, and recovery measures with transition progressive vers le nouveau système pour toutes les compagnies aériennes; maintien des systèmes alternatifs pendant la phase de transition, and communication strategy with communiqué de presse pour informer du contrôle de la situation et des mesures prises..
Title: Cyberattack on Brussels Airport Disrupts Passenger and Baggage Check-in Systems
Description: Brussels Airport was hit by a cyberattack on Friday evening, disabling its passenger and baggage check-in systems. The attack also affected other European airports. Passenger processing is being carried out manually, leading to delays and flight cancellations. The cyberattack targeted systems of a service provider, and an in-depth investigation is underway to assess the damage. Nine flights have been cancelled, and 15 have departed with delays. No immediate solution is expected in the coming hours.
Date Detected: 2024-02-23T18:00:00Z
Date Publicly Disclosed: 2024-02-23T18:00:00Z
Type: cyberattack
Title: Cyberattaque chez un fournisseur de Brussels Airport entraînant des retards et annulations de vols
Description: Brussels Airport a subi une cyberattaque chez un fournisseur, perturbant les systèmes d'enregistrement et d'embarquement. Cela a provoqué des retards et annulations de vols il y a dix jours. Un nouveau système alternatif a été déployé en urgence pour rétablir les opérations. Un tiers des 500 postes de travail utilisaient déjà ce système le lundi suivant le début du déploiement. Une équipe de 20 experts informatiques a travaillé en continu pour installer, configurer et tester les équipements et logiciels. Les systèmes alternatifs ont permis de stabiliser la situation, évitant de nouvelles annulations.
Type: Cyberattaque (perturbation des systèmes via un fournisseur tiers)
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Systems Affected: passenger check-in systemsbaggage check-in systems
Downtime: ongoing (as of 2024-02-24, no solution expected in the coming hours)
Operational Impact: manual passenger processingflight delaysflight cancellations
Brand Reputation Impact: potential negative impact due to service disruptions
Systems Affected: Systèmes d'enregistrementSystèmes d'embarquement
Downtime: 10 jours (partiel, avec retards et annulations initiaux)
Operational Impact: Retards et annulations massifs de vols; déploiement accéléré de systèmes alternatifs; 20 experts mobilisés 24/7 pour la récupération.
Brand Reputation Impact: Potentiellement négatif (perturbations majeures pour les passagers, mais gestion proactive communiquée)
Entity Name: Brussels Airport
Entity Type: airport
Industry: aviation/transportation
Location: Brussels, Belgium
Customers Affected: passengers (exact number unspecified, but delays and cancellations reported)
Entity Name: Unnamed service provider
Entity Type: third-party service provider
Industry: IT/aviation services
Entity Name: Other European airports (unspecified)
Entity Type: airports
Industry: aviation/transportation
Location: Europe
Entity Name: Brussels Airport
Entity Type: Aéroport international
Industry: Transport aérien
Location: Bruxelles, Belgique
Customers Affected: Passagers (nombre non précisé, mais perturbations généralisées)
Entity Name: Fournisseur non nommé de Brussels Airport
Entity Type: Fournisseur de services informatiques
Incident Response Plan Activated: yes (in-depth investigation underway)
Recovery Measures: manual passenger processing
Communication Strategy: public statementadvisories to travelers to confirm flight status before arriving
Incident Response Plan Activated: Oui (déploiement urgent de systèmes alternatifs)
Third Party Assistance: Oui (équipe de 20 experts informatiques dédiés)
Containment Measures: Systèmes alternatifs d'enregistrement et d'embarquement déployés en urgence
Remediation Measures: Installation, configuration et tests accélérés des nouveaux équipements/logiciels sur 500 postes de travail
Recovery Measures: Transition progressive vers le nouveau système pour toutes les compagnies aériennes; maintien des systèmes alternatifs pendant la phase de transition
Communication Strategy: Communiqué de presse pour informer du contrôle de la situation et des mesures prises
Incident Response Plan: The company's incident response plan is described as Oui (déploiement urgent de systèmes alternatifs).
Third-Party Assistance: The company involves third-party assistance in incident response through Oui (équipe de 20 experts informatiques dédiés).
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Installation, configuration et tests accélérés des nouveaux équipements/logiciels sur 500 postes de travail.
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by systèmes alternatifs d'enregistrement et d'embarquement déployés en urgence.
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through manual passenger processing, , Transition progressive vers le nouveau système pour toutes les compagnies aériennes; maintien des systèmes alternatifs pendant la phase de transition.
Source: Brussels Airport public statement (via local media)
Date Accessed: 2024-02-24
Source: Communiqué de presse de Brussels Airport
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Brussels Airport public statement (via local media)Date Accessed: 2024-02-24, and Source: Communiqué de presse de Brussels Airport.
Investigation Status: ongoing (in-depth investigation underway to assess damage)
Investigation Status: En cours (déploiement des correctifs et transition progressive)
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Statement, Advisories To Travelers To Confirm Flight Status Before Arriving and Communiqué de presse pour informer du contrôle de la situation et des mesures prises.
Stakeholder Advisories: Travelers Advised To Confirm Flight Status Before Arriving At The Airport.
Customer Advisories: expect delays and cancellations; manual check-in procedures in place
Stakeholder Advisories: Communiqués publics sur l'état des opérations et les mesures de récupération
Customer Advisories: Informations diffusées via communiqués de presse sur la stabilisation de la situation
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Travelers Advised To Confirm Flight Status Before Arriving At The Airport, Expect Delays And Cancellations; Manual Check-In Procedures In Place, , Communiqués publics sur l'état des opérations et les mesures de récupération and Informations diffusées via communiqués de presse sur la stabilisation de la situation.
Corrective Actions: Déploiement de systèmes alternatifs résilients; transition progressive vers une solution stable
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Oui (équipe de 20 experts informatiques dédiés).
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Déploiement de systèmes alternatifs résilients; transition progressive vers une solution stable.
Most Recent Incident Detected: The most recent incident detected was on 2024-02-23T18:00:00Z.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-02-23T18:00:00Z.
Most Significant System Affected: The most significant system affected in an incident was passenger check-in systemsbaggage check-in systems and Systèmes d'enregistrementSystèmes d'embarquement.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Oui (équipe de 20 experts informatiques dédiés).
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Systèmes alternatifs d'enregistrement et d'embarquement déployés en urgence.
Most Recent Source: The most recent source of information about an incident are Communiqué de presse de Brussels Airport and Brussels Airport public statement (via local media).
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing (in-depth investigation underway to assess damage).
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was travelers advised to confirm flight status before arriving at the airport, Communiqués publics sur l'état des opérations et les mesures de récupération, .
Most Recent Customer Advisory: The most recent customer advisory issued were an expect delays and cancellations; manual check-in procedures in place and Informations diffusées via communiqués de presse sur la stabilisation de la situation.
.png)
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid