Johannesburg, South Africa – 6 May 2025 — South African Airways (SAA) has confirmed it was impacted by a significant cyber incident over the weekend, temporarily disrupting access to its website, mobile application, and several internal systems. The breach, which began on Saturday, 3 May, prompted immediate containment measures and a coordinated response to protect operations and customer services.
The national carrier acted swiftly, activating its disaster management and business continuity protocols to stabilise operations. Thanks to these robust safeguards, SAA contained the incident the same day, minimising disruption to its core flight operations and maintaining functionality across its contact centres and sales offices.
Recognising the broader implications of the attack, SAA management wasted no time in launching a full investigation led by independent digital forensic experts. Their mandate: to determine the cause and scope of the incident and to explore possible links to external cybercriminal activity.
In line with its obligations as a National Key Point, SAA has formally reported the breach to the State Security Agency (SSA) and the South African Police Service (SAPS), while also notifying the Information Regulator of South Africa under the Protection of Personal Information Act (POPIA). A preliminary assessment is under way to establish whether any personal data was compromised. Should a breach be confirmed, affected parties will be notified in compliance with regulatory requirements.
Group CEO, Professor John Lamola, moved quickly to reassure stakeholders. “The security and integrity of our business systems and the protection of the consumer data entrusted to us remain our highest priority,” he said. “We acted swiftly to contain the disruption, restore services, and initiate a comprehensive investigation. Our robust business continuity measures ensured operational stability, particularly for our valued customers. I want to assure all stakeholders, including our partners, customers, and dedicated employees, that we are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks. SAA remains committed to delivering safe, reliable, and resilient service.”
As investigations continue, SAA is working closely with law enforcement and remains focused on reinforcing its cyber defences, underlining its commitment to operational excellence and system integrity.
SOURCE: FLY SAA IMAGE: ©PEXELS
