Read more
SAA has appointed independent digital forensic investigators to determine the root cause of the hack.
An SAA plane at OR Tambo International Airport. The airline is seemingly delaying filing its financial statements. Picture: Gallo Images
South African Airways (SAA) was the target of a “significant” cyberattack that disrupted several internal operational systems.
The attack, which began on Saturday, temporarily disrupted access to the airline’s website, mobile application and several internal operational systems.
SAA said interventions minimised disruption to core flight operations.
“They also ensured the continued functionality of essential customer service channels, such as the airline’s contact centres and sales offices. Normal system functionality across all affected platforms was restored later the same day.”
ALSO READ: Cybercrime: A global risk surpassing load shedding in potential impact
SAA said it has appointed independent digital forensic investigators to determine the root cause and full scope of the incident and explore the possibility that the disruption resulted from external cybercrime activities.
“Regarding the potential impact on data, the preliminary investigation is currently assessing the full extent of the incident and actively working to determine if any data was accessed or exfiltrated.
“SAA is committed to notifying any affected parties directly, in accordance with regulatory requirements, should the investigation confirm a data breach,” the airline said.
SAA said it will continue to work closely with law enforcement and investigators, “reaffirming its unwavering dedication to operational excellence and the integrity of its systems”.
In April, mobile network operator MTN fell prey to a “cybersecurity incident” that resulted in “unauthorised access to personal information” of some of its customers in “certain markets”.
However, MTN said it found no evidence of compromise of any of its critical infrastructure platforms or services.
“Our core network, billing systems and financial services infrastructure remain secure and fully operational.”
President Cyril Ramaphosa has also come under attack.
In May 2022, a hacking group called SpiderLog$ obtained the details of a loan Ramaphosa took out from one of South Africa’s top four banks in the 2000s.
SpiderLog$ used Ramaphosa’s data to draw attention to glaring vulnerabilities in South African security systems, especially those used in government departments, including defence and state security.
In 2024, The Citizen reported that the average cost of a single data breach case in South Africa was a whopping R53.1 million.
According to IBM research, stolen or compromised credentials were the most common initial attack vectors in South Africa, accounting for 17% of all cyberattacks. These types of attacks averaged a total cost of R56 million per breach.
According to Interpol’s 2024 African Cyberthreat Assessment Report, the rapid growth of cybercrime is further illustrated by the estimation that in 2023, the average number of weekly cyberattacks per organisation in Africa increased 23% year–on–year; this average was the highest in the world.
ALSO READ: MTN hit by ‘cybersecurity incident’, some customer details compromised
Download our app