SA’s national airline has confirmed that a cyber breach of its systems at the weekend disabled a number of its internal and customer-facing digital structures.
SAA, the latest in a string of government-linked entities to be breached, said it had been affected by a “significant cyber incident” on May 3.
The airline, which was on the brink of collapse just a few years ago, said it had put measures in place to ensure continued service for its core flight operations while launching an investigation into the incident.
“A preliminary investigation is assessing the full extent of the incident and actively working to determine if any data was accessed or exfiltrated. SAA is committed to notifying any affected parties directly, in accordance with regulatory requirements, should the investigation confirm a data breach,” the national carrier said.
The breach had temporarily disrupted access to the airline’s website, mobile application and several internal operational systems.
Normal system functionality across all affected platforms was restored later the same day.
In response to the incident the airline had “acted swiftly to contain the disruption, restore services and initiate a comprehensive investigation”, SAA group CEO John Lamola said.
“Our robust business continuity measures ensured operational stability, particularly for our valued customers,” Lamola said.
The incident adds to the growing number of cyberattacks on government-linked entities.
The SA Bureau of Standards has experienced three cyberattacks in just five years. It was disclosed in February that core systems remained encrypted and inaccessible at the service after the latest attack in November 2024.
According to security consulting firm Check Point Software Technologies, Africa is the most targeted region with an almost 50% surge in cyber threats.
The firm’s cyberattack report for the first quarter of 2025 shows that the continent had the highest average with 3,286 weekly attacks. SA had a comparatively modest number of attacks at 1,884 per organisation per week, but had the most dramatic rise in attacks with a year-on-year increase of 69%.
“While no market sector is immune from cyberattack, the education sector was the hardest hit in [the first quarter], averaging 4,484 attacks per organisation each week, a staggering 73% increase from the previous year. The government sector followed closely, with 2,678 attacks per organisation per week, a 51% increase, while the telecom sector experienced the highest percentage increase, with a 94% jump, reaching 2,664 attacks per organisation weekly,” said the firm.
Lionel Dartnall, country manager for the Southern African Development Community at Check Point, said: “The continued rise in cyberattacks underscores the need for more robust security measures. Organisations must prioritise strengthening their cybersecurity postures, including deploying advanced threat detection systems, training staff on cybersecurity best practices and ensuring rapid incident response capabilities.”
Update: May 6 2025
This story has been updated with new information.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.