SAA confirmed it was impacted by a significant cyberattack that began on Saturday. The breach temporarily disrupted access to the airline’s website, mobile application, and several internal operational systems.
Image: IOL
South African Airways (SAA) says the immediate activation of its disaster management and business continuity protocols successfully contained a cyberattack incident and minimised disruption to core flight operations.
SAA on Tuesday confirmed it was impacted by a significant cyberattack that began on Saturday. The breach temporarily disrupted access to the airline’s website, mobile application, and several internal operational systems.
Swift action successfully contained the incident, minimised disruption and ensured the continued functionality of essential customer service channels, such as the airline's contact centers and sales offices, SAA said.
“Normal system functionality across all affected platforms was restored later the same day,” SAA said.
SAA management initiated an investigation conducted by independent digital forensic investigators to determine the root cause and full scope of the incident and explore the possibility that the disruption resulted from external cybercrime activities.
“In line with its commitment to regulatory compliance and transparency, SAA has undertaken all reasonable and lawful steps as a National Key Point, including formally reporting the incident to the State Security Agency (SSA), South African Police Service (SAPS) for criminal investigation and notifying the Information Regulator of South Africa as a precautionary measure under the Protection of Personal Information Act (POPIA),” SAA said.
Regarding the potential impact on data, the preliminary investigation is assessing the full extent of the incident and actively working to determine if any data was accessed or exfiltrated.
SAA group CEO John Lamola added: "The security and integrity of our business systems and the protection of the consumer data entrusted to us remain our highest priority. In response to the cyber incident that began on May 3, we acted swiftly to contain the disruption, restore services, and initiate a comprehensive investigation. Our robust business continuity measures ensured operational stability, particularly for our valued customers.
“I want to assure all stakeholders, including our partners, customers, and dedicated employees, that we are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks. SAA remains committed to delivering safe, reliable, and resilient service."
Cape Times
Related Topics: