Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
daa

daa Vendor Cyber Rating & Cyber Score

daa.ie

We are a global airport and travel retail group with business in 15 countries around the world. daa’s principal activities include operating and managing Dublin and Cork airports, global airport retailing through our subsidiary Aer Rianta International, and international aviation consultancy through daa International. The company is state-owned and headquartered at Dublin Airport.


daa A.I CyberSecurity Scoring

daa
Company Information
Website:http://www.daa.ie
Employees number:2,261
Number of followers:65,266
NAICS:481
Industry Type:Airlines and Aviation
Homepage:daa.ie
daa Risk Score (AI oriented)
Between 0 and 549
logo
daaAirlines and Aviation
Updated:
29/03/2026
161/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
daa Global Score (TPRM)
xxxx
logo
daaAirlines and Aviation
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

daa
daaCritical
Current Score
161C (CRITICAL)
01000
8 incidents
-123.8 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
167Before Incident
JUNE 2026
163Before Incident
MAY 2026
175Before Incident
APRIL 2026
148Before Incident
Cyber Attack
07 Apr 2026daa
Heathrow Airport, Copenhagen Airport and Charles de Gaulle Airport: Major cyberattack on aviation IT systems snarls flights across Europe and hits Prague connections

Cyberattack Disrupts Major European Airports, Causing Widespread Flight Chaos

129After Incident
CRITICAL-19
AÉRCOPHEA1777287590
Cyberattack Disrupts Major European Airports, Causing Widespread Flight Chaos Between 4 and 6 April, a sophisticated cyberattack targeted a shared IT platform used by airlines and airports across Europe, triggering cascading disruptions at key hubs. The incident paralyzed critical systems including check-in, baggage handling, and boarding at Heathrow, Charles de Gaulle, Frankfurt, and Copenhagen airports, forcing staff to revert to manual processes. The fallout was severe: over 1,600 flights were canceled or delayed on 6 April alone, with airlines activating emergency rosters and passengers advised to arrive early with printed itineraries. While Prague’s Václav Havel Airport was not directly affected, knock-on effects caused delays for several flights on Easter Monday and Tuesday as aircraft and crews were mispositioned. The attack exposed vulnerabilities in aviation’s digital infrastructure, prompting discussions on supply-chain resilience and duty-of-care obligations for businesses. Travel management firms in Prague have since updated contingency plans, recommending flexible bookings, digital visa backups, and buffer days for high-stakes travel. Cybersecurity analysts warn the incident may accelerate EU efforts to include aviation under the Critical Entities Resilience Directive, pushing airports to invest in network segmentation and offline backups. Prague Airport, which already has redundancy plans in its digital transformation strategy, is expected to prioritize these upgrades in response to the disruption.
INCIDENT DETAILS -
TYPE
Cyberattack
IMPACT
check-inbaggage handlingboardingOperational Impact: Cascading disruptions at major European airports, manual processes requiredBrand Reputation Impact: Discussions on supply-chain resilience and duty-of-care obligations
MARCH 2026
162Before Incident
FEBRUARY 2026
143Before Incident
JANUARY 2026
138Before Incident
DECEMBER 2025
117Before Incident
NOVEMBER 2025
112Before Incident
OCTOBER 2025
270Before Incident
Ransomware
26 Oct 2025daa
Dublin Airport

Everest Ransomware Group Targets Dublin Airport, Air Arabia, and Collins Aerospace in Aviation Industry Cyberattacks

100After Incident
CRITICAL-170
DUB4102041102725
The Everest ransomware group breached Dublin Airport, claiming to have stolen approximately 1,533,900 passenger records, including highly sensitive travel and personal data. The compromised information covers full names, flight details (dates, seat numbers, flight numbers, departure/destination codes), frequent flyer data, baggage tags, boarding pass timestamps, check-in device IDs, and verification statuses. The data is currently password-protected on the group’s dark web leak site, with a six-day deadline for the airport to negotiate before public exposure. This breach poses severe risks of identity theft, travel fraud, and operational disruptions, given the granularity of the exposed records. The attack aligns with Everest’s recent focus on the aviation sector, following similar incidents like the Collins Aerospace breach, which caused widespread airport outages across Europe. The group’s extortion tactics—combining data theft with ransom demands—heighten the urgency for Dublin Airport to mitigate reputational, financial, and regulatory fallout.
INCIDENT DETAILS -
TYPE
ransomwaredata breachcyberattack
MOTIVATION
financial extortiondata theftreputation damage
IMPACT
Dublin Airportpassenger data (full name, flight date, passenger ID, seat number, flight number, departure/destination airport codes, fast track/priority status, travel class, timestamps, barcodes, departure date, workstation ID, frequent flyer details, operating/marketing carrier, sequence number, passenger status, boarding pass issuer, baggage allowance, baggage tag numbers, boarding pass issue date, document type, airline numeric code, check-in/boarding pass issuance source, device details, baggage tag plate numbers, selectee indicator, international document verification status)Air Arabiaemployee personal detailsCollins Aerospaceairline operations documentspassenger datacheck-in systems (Collins Aerospace, September 2025 incident)passenger processing systems (European airports, September 2025)FTP server (Collins Aerospace)Collins AerospaceCritical servers shut down on September 19, 2025, causing disruptions across European airports (London Heathrow, Berlin, Brussels).widespread delays and slowdowns at European airports (September 2025)potential travel disruptions for Dublin Airport passengers if data leakedhigh (potential loss of trust in aviation security)negative media coveragehigh (Dublin Airport passenger data)moderate (Air Arabia employee data)
DATA BREACH
passenger travel data (Dublin Airport)employee personal details (Air Arabia)airline operations documents (Collins Aerospace)Dublin AirportAir ArabiaCollins Aerospacehigh (passenger PII, travel details)moderate (employee PII)confirmed (all entities)passenger records (Dublin Airport)employee records (Air Arabia)operational documents (Collins Aerospace)full names, flight details, passenger IDs, frequent flyer info (Dublin Airport)employee details (Air Arabia)
SEPTEMBER 2025
274Before Incident
Cyber Attack
21 Sep 2025daa
Dublin Airport (daa)

Cyber Attack Disrupts Dublin Airport and Other European Airports

255After Incident
HIGH-19
DUB5062050092225
Dublin Airport experienced significant operational disruption due to a Europe-wide cyber attack targeting check-in and boarding systems. As of midday on Sunday, 13 flights (9 inbound, 4 outbound) were cancelled, while airlines in Terminal 2 resorted to manual processes for bag tags and boarding passes, causing delays in check-in and bag drop. The incident forced passengers to allow extra time for procedures, with advisories to contact airlines directly for updates. While no data breach or ransomware was reported, the attack disrupted critical airport infrastructure, leading to financial losses for airlines, reputational damage for the airport, and passenger inconvenience (e.g., missed connections, stranded travelers). The incident also triggered a secondary security alert in Terminal 2 on Saturday, requiring evacuation and intervention by Gardaí and the Defence Forces’ EOD team, though this was later deemed unrelated to the cyber attack. The prolonged system outage highlights vulnerabilities in aviation cybersecurity, affecting thousands of travelers and airline operations across Europe.
INCIDENT DETAILS -
TYPE
cyber attackdisruptionoperational outage
IMPACT
check-in systemsboarding systemsbag tag systemsDowntime: ongoing as of 2025-09-21 (since at least 2025-09-20)flight cancellations (13 flights: 9 inbound, 4 outbound)manual workarounds for bag tags and boarding passeslonger check-in and bag drop timesTerminal 2 evacuation (briefly on 2025-09-20)reported frustrations from passengers (e.g., 'It's been a nightmare')potential reputational damage due to disruptions and cancellations
SEPTEMBER 2025
506Before Incident
Cyber Attack
20 Sep 2025daa
Heathrow Airport (and affected service provider for check-in/boarding systems)

Cyber Attack Disrupts Check-in and Boarding Systems at Major UK and European Airports

254After Incident
HIGH-252
HEA5202352092125
A cyber attack disrupted critical check-in and boarding systems at Heathrow Airport, leading to operational chaos. Around 70 flights were cancelled on Saturday morning, while dozens more faced delays of up to three hours. The outage forced staff to revert to manual check-in and boarding procedures, significantly slowing down passenger processing. The incident also impacted Brussels and Berlin airports, suggesting the breach targeted a shared third-party service provider responsible for automated airport systems. Travel expert Simon Calder warned of potential 'widespread cancellations' due to the ongoing disruption. The attack caused financial losses (refunds, compensations, operational costs), reputational damage (passenger frustration, media coverage), and logistical strain (staff overtime, rescheduling). While no data breach was explicitly reported, the operational halt and cascading delays across multiple airports highlight severe vulnerabilities in aviation infrastructure. The incident underscores risks tied to supply chain cyber attacks, where a single compromised vendor can paralyze major hubs.
INCIDENT DETAILS -
TYPE
cyber attackservice disruption
IMPACT
check-in systemsboarding systemsDowntime: up to 3 hours (for delayed flights; ongoing for cancellations)flight cancellations (~70 at Heathrow)flight delays (dozens, up to 3 hours)manual check-in/boarding procedurespotential widespread cancellations
Cyber Attack
20 Sep 2025daa
Brussels Airport

Cyberattack on Brussels Airport Disrupts Passenger and Baggage Check-in Systems

254After Incident
CRITICAL-252
BRU0093500092025
Brussels Airport experienced a cyberattack on Friday evening that crippled its passenger and baggage check-in systems, forcing manual processing and causing significant operational disruptions. The attack, which also affected other European airports, targeted a third-party service provider’s systems. As of Saturday, nine flights were cancelled, and 15 departed with delays, with no immediate resolution expected. Passengers were advised to confirm flight statuses before arriving, as the outage led to processing bottlenecks and potential further cancellations. An investigation is underway to assess the full extent of the damage, but the incident has already resulted in financial losses (e.g., compensation, operational costs), reputational harm due to publicized delays, and potential long-term trust erosion among travelers and partners. The attack disrupted critical infrastructure, highlighting vulnerabilities in supply chain cybersecurity and the cascading effects of third-party breaches on large-scale operations.
INCIDENT DETAILS -
TYPE
cyberattacksystem disruption
IMPACT
passenger check-in systemsbaggage check-in systemsDowntime: ongoing (as of 2024-02-24, no solution expected in the coming hours)manual passenger processingflight delaysflight cancellationsBrand Reputation Impact: potential negative impact due to service disruptions
Ransomware
20 Sep 2025daa
Brussels Airport, Dublin Airport, Collins Aerospace and London Heathrow: EU agency confirms ransomware attack behind airport disruptions

Ransomware Attack Disrupts Check-In Systems at Major European Airports

254After Incident
CRITICAL-252
BRUDUBCOLIMP1770877259
Ransomware Attack Disrupts Check-In Systems at Major European Airports A ransomware attack targeting Collins Aerospace, a key supplier of automated check-in systems, caused widespread disruptions at several of Europe’s busiest airports on February 10–12, 2026. The incident, confirmed by the EU’s cybersecurity agency (ENISA), locked critical data and forced airports to revert to manual processes, leading to flight cancellations and delays. Affected Airports and Impact - Brussels Airport reported 29 cancellations and only 42% of flights departing on time, with staff using iPads and laptops for manual check-ins. - London Heathrow, Europe’s busiest airport, implemented contingency measures as airlines struggled with system outages. - Berlin Airport, already strained by high passenger volumes due to the Berlin Marathon, faced delays exceeding one hour for departures. - Dublin Airport experienced minimal impact, relying on manual boarding procedures, including handwritten passes. Scope and Response Collins Aerospace, owned by RTX, stated it was working with affected airports to restore full functionality, with updates nearing completion. ENISA confirmed law enforcement involvement but did not disclose the attack’s origin. Sophos threat intelligence director Rafe Pilling noted that while high-profile ransomware attacks are more visible, they are not necessarily increasing in frequency though their disruptive potential remains a growing concern for critical infrastructure. Broader Context The incident underscores the vulnerability of aviation systems to cyber threats. A recent Bitkom survey found ransomware as the most common cyberattack against German companies, with one in seven paying ransoms. Despite the disruption, analysts emphasize that large-scale attacks with physical-world consequences remain rare.
INCIDENT DETAILS -
TYPE
Ransomware
IMPACT
Systems Affected: Automated check-in systemsDowntime: 2026-02-10 to 2026-02-12Operational Impact: Flight cancellations, delays, manual check-in processesBrand Reputation Impact: High
DATA BREACH
Data Encryption: Yes (ransomware locked critical data)
SEPTEMBER 2025
661Before Incident
Ransomware
31 Aug 2025daa
DAA (Dublin Airport Authority)

Dublin Airport Boarding Pass Data Breach via Collins Aerospace Cyber Attack

502After Incident
CRITICAL-159
DUB0103101102525
A cyber-criminal group, specifically the Everest ransomware group, breached a third-party supplier (Collins Aerospace), compromising an IT server containing passenger boarding pass data from 1–31 August at Dublin Airport. The data was later exposed online by the group, though no ransom demand was publicly listed. The attack caused major disruptions, including flight delays and cancellations across European airports in September. While DAA confirmed no direct impact on its own systems, the incident remains under investigation with regulators (Irish Aviation Authority, Data Protection Commission, National Cyber Security Centre) and affected airlines. Passengers were advised to monitor for unusual booking activity, though no immediate action was required. The breach highlights vulnerabilities in third-party vendor security and the operational risks of ransomware attacks on critical travel infrastructure.
INCIDENT DETAILS -
TYPE
Data BreachRansomware AttackSupply Chain Attack
MOTIVATION
Financial Gain (presumed)Data Theft
IMPACT
Boarding pass data (August 1-31, 2023)Collins Aerospace check-in and boarding softwareFlight delays and cancellations at Dublin Airport and other European/UK airportsOperational Impact: Major disruptions to airport operations, including check-in and boarding processesBrand Reputation Impact: Potential reputational damage to DAA and Collins Aerospace due to data exposure and operational disruptionsLegal Liabilities: Investigation by Data Protection Commission (DPC) and other regulators (Irish Aviation Authority, National Cyber Security Centre)Identity Theft Risk: Passengers advised to monitor for unusual activity related to their bookings
DATA BREACH
Boarding pass dataSensitivity Of Data: Moderate (potential for identity theft or travel-related fraud)Passenger namesBooking/travel details (presumed)
AUGUST 2025
661Before Incident
JUNE 2025
761Before Incident
Ransomware
16 Jun 2025daa
Collins Aerospace

ENISA Threat Landscape 2025: Phishing and Vulnerability Exploitation Dominate EU Cyber Incidents (July 2024 - June 2025)

656After Incident
CRITICAL-105
COL5132151100225
Collins Aerospace, a critical supplier in the aerospace and defense industry, fell victim to a ransomware attack that disrupted European airports by targeting its digital supply chain dependencies. The incident, highlighted in ENISA’s Threat Landscape 2025 report, exemplifies how cyber-attacks on high-value vendors can cascade into broader operational failures. While specific details on data compromise were not disclosed, the attack caused significant service outages, delaying flights and grounding operations across multiple airports reliant on Collins’ systems. The disruption underscored vulnerabilities in interconnected OT (operational technology) and supply chain networks, where a single breach can paralyze downstream services. ENISA warned that such attacks exploit critical dependency points, amplifying impact beyond the initial target. The incident aligns with a rising trend of threat actors leveraging ransomware to cripple essential infrastructure, with financial and reputational fallout extending to airlines, passengers, and regulatory bodies. No direct mention of data theft was made, but the operational halt suggests severe financial losses, reputational damage, and potential regulatory scrutiny for failing to secure supply chain resilience.
INCIDENT DETAILS -
TYPE
PhishingVulnerability ExploitationDDoSRansomwareHacktivismMalware DeploymentSupply Chain Attack
MOTIVATION
Geopolitical (79%, e.g., elections, EU support for opposition groups)Financial (13%)Cyber-Espionage (7%)
IMPACT
Outdated Mobile DevicesOperational Technology (OT) SystemsPublic Administration (38% of attacks)Critical Supply Chain Dependencies (e.g., Collins Aerospace)European Airports (disruption example)Downtime: Limited (2% of DDoS attacks caused disruption)Supply Chain Ripple EffectsAirport Disruptions (via Collins Aerospace ransomware)Public Sector Targeting (38%)Erosion of trust in public administrationSupply chain vulnerability exposure

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for daa ?
?
What was daa's A.I Rankiteo Cyber Score in June 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in May 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in April 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in March 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in February 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in January 2026 ?
?
What was daa's A.I Rankiteo Cyber Score in December 2025 ?
?
What was daa's A.I Rankiteo Cyber Score in November 2025 ?
?
What was daa's A.I Rankiteo Cyber Score in October 2025 ?
?
What was daa's A.I Rankiteo Cyber Score in September 2025 ?
?
What was daa's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on daa's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with daa ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view daa's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?