South Africa's national airline said Saturday's cyber attack temporarily disrupts its website and some internal operational systems.
South Africa Airlines (SAA) said the attack also affected mobile applications, but the IT team said it could contain the incident and “minimise disruption in core flight operations.”
“They also ensured the continued capabilities of key customer service channels, including the airline's contact centres and sales offices,” the airline said in a statement released Tuesday. “Normal system functionality across all affected platforms was restored on the same day.”
The airline did not respond to a request for comment on whether the incident was related to ransomware.
CEO John Lamola said he is currently investigating the incident to “determine the root cause” and is investigating potential leaks of sensitive information.
The company reported the incident as “as a precaution” to the State Security Agency, the South African Police Department (SAPS) and the South African intelligence regulator.
The SAA said it plans to notify anyone who may have been stolen during the attack. The company reported revenue of more than $300 million last year and service flights to 16 locations.
As of Wednesday afternoon, the hacking group did not trust the incident.
South Africa continues to face unprecedented attacks on major institutions by cybercrime gangs.
In 2023, a ransomware gang leaked a personal phone number and email of a personal president, along with some of the 1.6 terabytes of data stolen from the country's Department of Defense.
Since then, cybercriminals have been wreaking havoc with incidents that include state-owned banks, energy giants, government workers' pension funds and national research institutes.
For the first four months of this year, the threat actor is already the biggest chicken producer and has violated the weather services of the South African government, one of the largest telecommunications companies.
Last week, South Africa's Telecom MTN Group said it had suffered from a cyberattack that made it public with unknown numbers of customers' personal information. The company is Africa's largest provider.
A series of attacks prompted South African government in April to enact new laws that would force all organizations to report cyberattacks to the country's intelligence regulators.
Recorded future
Intelligence Cloud.
learn more.
