[8-K] RTX Corp Reports Material Event
RTX Corporation disclosed a ransomware-related product cybersecurity incident affecting its MUSE passenger processing software, which enables airlines to share check-in, gate and baggage handling resources. The affected MUSE systems run on customer-specific networks outside RTX's enterprise environment. Upon detection on September 19, 2025, RTX activated its incident response plan, engaged internal and external cybersecurity experts, notified law enforcement and government agencies, and is assisting affected airlines and airports. Customers have shifted to backup or manual processes, causing certain flight delays and cancellations. RTX states the incident is under investigation and, to date, has not had and is not reasonably expected to have a material impact on its financial condition or operations.
RTX Corporation ha comunicato un incidente di cybersecurity legato a ransomware che riguarda il suo software di elaborazione dei passeggeri MUSE, che permette alle compagnie aeree di condividere risorse per il check-in, l’imbarco e la gestione dei bagagli. I sistemi MUSE interessati operano su reti dedicate ai clienti al di fuori dell’ambiente aziendale di RTX. Una volta rilevato il problema il 19 settembre 2025, RTX ha attivato il piano di risposta agli incidenti, coinvolto esperti di cybersicurezza sia interni sia esterni, informato le autorità e le agenzie governative, e sta fornendo assistenza alle compagnie aeree e agli aeroporti interessati. I clienti hanno adottato processi di backup o manuali, con ritardi e alcune cancellazioni di voli. RTX afferma che l’incidente è in fase di indagine e, ad oggi, non ha avuto e non è ragionevolmente prevedibile che avrà un impatto materiale sulla sua situazione finanziaria o sulle operazioni.
RTX Corporation informó sobre un incidente de ciberseguridad relacionado con ransomware que afecta su software de procesamiento de pasajeros MUSE, el cual permite a las aerolíneas compartir recursos de facturación, embarque y manejo de equipaje. Los sistemas MUSE afectados funcionan en redes específicas de los clientes, fuera del entorno corporativo de RTX. Tras la detección el 19 de septiembre de 2025, RTX activó su plan de respuesta a incidentes, contrató a expertos en ciberseguridad internos y externos, notificó a las autoridades y a agencias gubernamentales, y está brindando asistencia a las aerolíneas y aeropuertos afectados. Los clientes han pasado a procesos de respaldo o manuales, lo que ha provocado ciertos retrasos y algunas cancelaciones de vuelos. RTX señala que el incidente está en investigación y, hasta la fecha, no ha tenido y no se espera razonablemente que tenga un impacto material en su situación financiera u operaciones.
RTX Corporation은 렌섬웨어 관련 사이버보안 사고를 공개했으며, 항공사가 체크인, 게이트, 수하물 처리 자원을 공유하도록 하는 MUSE 승객 처리 소프트웨어에 영향을 미쳤습니다. 영향받은 MUSE 시스템은 RTX의 엔터프라이즈 환경 밖의 고객 전용 네트워크에서 운용됩니다. 사고가 탐지된 시점은 2025년 9월 19일이며, RTX는 사고 대응 계획을 가동하고, 내부 및 외부 사이버보안 전문가를 투입했으며, 법 집행기관과 정부 기관에 통보했고, affected 항공사 및 공항을 지원하고 있습니다. 고객은 백업 또는 수동 프로세스로 전환되어 특정 항공편 지연 및 취소가 발생했습니다. RTX는 이 사고가 조사 중이며 현재까지 재무 상태나 운영에 실질적 영향을 미친 바 없고, 합리적으로 예상되지도 않는다고 밝혔습니다.
RTX Corporation a divulgué un incident de cybersécurité lié à un ransomware affectant son logiciel de traitement des passagers MUSE, qui permet aux compagnies aériennes de partager des ressources pour l’enregistrement, l’embarquement et la gestion des bagages. Les systèmes MUSE concernés fonctionnent sur des réseaux spécifiques aux clients, en dehors de l’environnement d’entreprise de RTX. Lors de la détection le 19 septembre 2025, RTX a activé son plan de réponse aux incidents, fait intervenir des experts en cybersécurité internes et externes, informé les forces de l’ordre et les agences gouvernementales, et apporte son soutien aux compagnies aériennes et aux aéroports affectés. Les clients sont passés à des processus de sauvegarde ou manuels, entraînant certains retards et annulations de vols. RTX déclare que l’incident est en cours d’enquête et, à ce jour, n’a pas eu et n’est pas raisonnablement susceptible d’avoir un impact matériel sur sa situation financière ou ses activités.
RTX Corporation hat einen vor ransomware-basierten Vorfall im Bereich der Cybersicherheit gemeldet, der seine MUSE-Passagierverarbeitungssoftware betrifft, mit der Fluggesellschaften Check-in-, Gate- und Gepäckabfertigungsressourcen teilen können. Die betroffenen MUSE-Systeme laufen in netzwerken der Kunden außerhalb der RTX-Unternehmensumgebung. Bei Erkennung am 19. September 2025 hat RTX den Incident-Response-Plan aktiviert, interne und externe Cybersecurity-Experten hinzugezogen, Strafverfolgungsbehörden und Regierungsstellen benachrichtigt und betroffenen Fluggesellschaften sowie Flughäfen Unterstützung geleistet. Die Kunden sind auf Backup- oder manuelle Prozesse umgestiegen, was zu bestimmten Flugverspätungen und -annullierungen führte. RTX erklärt, dass der Vorfall Gegenstand von Untersuchungen ist und bis heute keine wesentlichen Auswirkungen auf seine finanzielle Lage oder seinen Betrieb hat oder erwartet.
شركة RTX أعلنت عن حادث أمني سيبراني متعلق بفيروس الفدية يؤثر على برنامج معالجة الركاب MUSE، الذي يتيح لشركات الطيران مشاركة موارد تسجيل الوصول والبوابة والتعامل مع الأمتعة. الأنظمة المميزة بـ MUSE تعمل على شبكات خاصة بالعملاء خارج بيئة شركة RTX. عند الكشف في 19 سبتمبر 2025، فعلت RTX خطتها لاستجابة الحوادث، وشركت خبراء الأمن السيبراني الداخـيين والخارجيين، وأخطرت جهات إنفاذ القانون والجهات الحكومية، وتقدّم حالياً المساعدة لشركات الطيران والمطارات المتأثرة. اعتمد العملاء على عمليات احتياطية أو يدويـة، مما أدى إلى تأجيل بعض الرحلات الجوية وإلغاءها. وتؤكد RTX أن الحادث قيد التحقيق وحتى تاريخه لم يواجه تأثيرًا ماليًا جوهريًا ولا يُتوقع أن يواجه تأثيرًا جوهريًا على وضعها المالي أو عملياتها.
RTX Corporation披露了一起与勒索软件相关的网络安全事件,影响其MUSE旅客处理软件,该软件使航空公司能够共享办理登机、登机门和行李处理等资源。受影响的MUSE系统在客户自有网络中运行,位于RTX的企业环境之外。于2025年9月19日发现后,RTX启动了事件响应计划,邀请内部与外部的网络安全专家,通知执法部门和政府机构,并正在协助受影响的航空公司和机场。客户已转向备份或手动流程,导致部分航班延误和取消。RTX表示事件正在调查中,迄今为止并且并无合理理由认为会对其财务状况或运营产生重大影响。
- Immediate response: RTX activated its incident response plan and engaged internal and external cybersecurity experts.
- Law enforcement notified: Company reported it informed domestic and international law enforcement and certain government agencies.
- Customer support: RTX is providing technical support and guidance to affected airlines and airports.
- Containment claim: Company states the incident has not had and is not reasonably expected to have a material impact on financial condition or operations.
- Ransomware incident: Product cybersecurity incident affected MUSE passenger processing software used for check-in, gate and baggage handling.
- Operational disruptions: Customers shifted to backup/manual processes, causing certain flight delays and cancellations.
- Ongoing investigation: Potential for additional adverse findings, remediation costs, regulatory inquiries or litigation as investigation continues.
- Third-party risk: MUSE operates on customer-specific networks, indicating exposure in customer environments that may complicate remediation and liability.
Insights
TL;DR: Operational disruption to airline customers reported; RTX currently reports no material financial impact.
RTX's disclosure is concise and focused on operational remediation rather than financial metrics. The company emphasizes that MUSE operates on customer networks, which may limit RTX's direct operational exposure. Key points for investors are the company's immediate activation of its incident response plan and engagement with law enforcement, which can reduce escalation risk. The statement that the incident has not had and is not reasonably expected to have a material impact is important but contingent on ongoing investigation results. Financial impact remains uncertain pending further findings, potential regulatory inquiries, remediation costs, or customer claims.
TL;DR: Ransomware impacted MUSE passenger systems; response and notifications underway, investigation ongoing.
From a cybersecurity risk perspective, RTX reports appropriate immediate actions: containment, remediation efforts, external expertise, and law enforcement notification. The fact that MUSE systems reside on customer-specific networks reduces exposure to RTX's enterprise environment but raises third-party risk considerations for customers and service continuity. Reported flight delays and cancellations indicate tangible operational impact for customers. The company's assessment that the incident is not material is plausible now but depends on findings about data compromise, remediation scope, and potential regulatory or litigation outcomes.
RTX Corporation ha comunicato un incidente di cybersecurity legato a ransomware che riguarda il suo software di elaborazione dei passeggeri MUSE, che permette alle compagnie aeree di condividere risorse per il check-in, l’imbarco e la gestione dei bagagli. I sistemi MUSE interessati operano su reti dedicate ai clienti al di fuori dell’ambiente aziendale di RTX. Una volta rilevato il problema il 19 settembre 2025, RTX ha attivato il piano di risposta agli incidenti, coinvolto esperti di cybersicurezza sia interni sia esterni, informato le autorità e le agenzie governative, e sta fornendo assistenza alle compagnie aeree e agli aeroporti interessati. I clienti hanno adottato processi di backup o manuali, con ritardi e alcune cancellazioni di voli. RTX afferma che l’incidente è in fase di indagine e, ad oggi, non ha avuto e non è ragionevolmente prevedibile che avrà un impatto materiale sulla sua situazione finanziaria o sulle operazioni.
RTX Corporation informó sobre un incidente de ciberseguridad relacionado con ransomware que afecta su software de procesamiento de pasajeros MUSE, el cual permite a las aerolíneas compartir recursos de facturación, embarque y manejo de equipaje. Los sistemas MUSE afectados funcionan en redes específicas de los clientes, fuera del entorno corporativo de RTX. Tras la detección el 19 de septiembre de 2025, RTX activó su plan de respuesta a incidentes, contrató a expertos en ciberseguridad internos y externos, notificó a las autoridades y a agencias gubernamentales, y está brindando asistencia a las aerolíneas y aeropuertos afectados. Los clientes han pasado a procesos de respaldo o manuales, lo que ha provocado ciertos retrasos y algunas cancelaciones de vuelos. RTX señala que el incidente está en investigación y, hasta la fecha, no ha tenido y no se espera razonablemente que tenga un impacto material en su situación financiera u operaciones.
RTX Corporation은 렌섬웨어 관련 사이버보안 사고를 공개했으며, 항공사가 체크인, 게이트, 수하물 처리 자원을 공유하도록 하는 MUSE 승객 처리 소프트웨어에 영향을 미쳤습니다. 영향받은 MUSE 시스템은 RTX의 엔터프라이즈 환경 밖의 고객 전용 네트워크에서 운용됩니다. 사고가 탐지된 시점은 2025년 9월 19일이며, RTX는 사고 대응 계획을 가동하고, 내부 및 외부 사이버보안 전문가를 투입했으며, 법 집행기관과 정부 기관에 통보했고, affected 항공사 및 공항을 지원하고 있습니다. 고객은 백업 또는 수동 프로세스로 전환되어 특정 항공편 지연 및 취소가 발생했습니다. RTX는 이 사고가 조사 중이며 현재까지 재무 상태나 운영에 실질적 영향을 미친 바 없고, 합리적으로 예상되지도 않는다고 밝혔습니다.
RTX Corporation a divulgué un incident de cybersécurité lié à un ransomware affectant son logiciel de traitement des passagers MUSE, qui permet aux compagnies aériennes de partager des ressources pour l’enregistrement, l’embarquement et la gestion des bagages. Les systèmes MUSE concernés fonctionnent sur des réseaux spécifiques aux clients, en dehors de l’environnement d’entreprise de RTX. Lors de la détection le 19 septembre 2025, RTX a activé son plan de réponse aux incidents, fait intervenir des experts en cybersécurité internes et externes, informé les forces de l’ordre et les agences gouvernementales, et apporte son soutien aux compagnies aériennes et aux aéroports affectés. Les clients sont passés à des processus de sauvegarde ou manuels, entraînant certains retards et annulations de vols. RTX déclare que l’incident est en cours d’enquête et, à ce jour, n’a pas eu et n’est pas raisonnablement susceptible d’avoir un impact matériel sur sa situation financière ou ses activités.
RTX Corporation hat einen vor ransomware-basierten Vorfall im Bereich der Cybersicherheit gemeldet, der seine MUSE-Passagierverarbeitungssoftware betrifft, mit der Fluggesellschaften Check-in-, Gate- und Gepäckabfertigungsressourcen teilen können. Die betroffenen MUSE-Systeme laufen in netzwerken der Kunden außerhalb der RTX-Unternehmensumgebung. Bei Erkennung am 19. September 2025 hat RTX den Incident-Response-Plan aktiviert, interne und externe Cybersecurity-Experten hinzugezogen, Strafverfolgungsbehörden und Regierungsstellen benachrichtigt und betroffenen Fluggesellschaften sowie Flughäfen Unterstützung geleistet. Die Kunden sind auf Backup- oder manuelle Prozesse umgestiegen, was zu bestimmten Flugverspätungen und -annullierungen führte. RTX erklärt, dass der Vorfall Gegenstand von Untersuchungen ist und bis heute keine wesentlichen Auswirkungen auf seine finanzielle Lage oder seinen Betrieb hat oder erwartet.
FAQ
What systems did the RTX (RTX) cybersecurity incident affect?
When did RTX report the ransomware incident?
Has RTX said whether the incident impacted its financial results?
Did the incident cause service disruption for airlines?
What actions did RTX take in response to the incident?
