The European Union’s cybersecurity agency, said on Monday that a ransomware attack was responsible for the airport disruptions that began across Europe over the weekend.

“ENISA is aware of the ongoing disruption of airports’ operations, which were caused by third-party ransomware incident. At this moment, ENISA cannot share further information regarding the cyberattack,” the agency said in an emailed statement to TechCrunch.

The ransomware attack hit Collins Aerospace, a supplier of airport systems including check-in services used at Berlin, Brussels, and London’s Heathrow.

The company said it is working with affected airports to restore operations, according to Reuters.

It was reported on Saturday that Collins Aerospace identified the targeted software as its passenger processing system, MUSE, which, according to the company’s website, lets multiple airlines share check-in desks and boarding gates instead of maintaining dedicated facilities.

Collins Aerospace, a subsidiary of defense contractor RTX, has not yet responded to requests for comment, and the perpetrators of the cyberattack remain unknown.

The incident has disrupted check-in systems, leading to flight delays and cancellations since Friday night.