South Africa

Major South African airline hit by cyberattack

6 May 2025

South African Airways (SAA) announced today that it has been impacted by a significant cyber incident that began on Saturday, 3 May 2025. 

The airline said the breach temporarily disrupted access to its website, mobile application, and several internal operational systems, prompting swift response measures to mitigate its effects.

“SAA immediately activated its robust disaster management and business continuity protocols upon detection of the incident,” it said. 

“These swift actions successfully contained the incident and minimised disruption to core flight operations.” 

The airline also ensured the continued functionality of essential customer service channels, such as the airline’s contact centres and sales offices. 

SAA confirmed that normal system functionality across all affected platforms was restored later the same day.

SAA management has initiated an investigation conducted by credible, independent digital forensic investigators to determine the incident’s root cause and full scope.

The investigation will also explore the possibility that the disruption resulted from external cybercrime activities.

SAA added that it has undertaken all reasonable and lawful steps as a National Key Point, including formally reporting the incident to the State Security Agency, the South African Police Service and the Information Regulator as a precautionary measure.

“Regarding the potential impact on data, the preliminary investigation is currently assessing the full extent of the incident and actively working to determine if any data was accessed or exfiltrated,” it said.

“SAA is committed to notifying any affected parties directly, in accordance with regulatory requirements, should the investigation confirm a data breach.”

South African Airways CEO John Lamola said the airline acted swiftly to contain the disruption, restore services, and initiate a comprehensive investigation. 

“Our robust business continuity measures ensured operational stability, particularly for our valued customers,” he said. 

“I want to assure all stakeholders, including our partners, customers, and dedicated employees, that we are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks.” 

Newsletter

Top JSE indices

1D
1M
6M
1Y
5Y
MAX
 
 
 
 
 
 
 
 
 
 
 
 

Comments

Privacy policy | Contact | Advertise |

Articles and other information on Daily Investor is for information purposes only and is not financial or investment advice. It should not be seen as a recommendation to buy shares in any company. Our content is produced without considering the objectives, financial situation, or needs of individuals. Before making any investment decision, prospective investors should consider the appropriateness of the information to their own objectives, financial situation and needs and seek legal and taxation advice appropriate to their jurisdiction.

Profile Data logo

Price and trade data source:

JSE Ltd All other statistics calculated by Profile Data.

All data is delayed by at least 15 minutes.