South African Airways has reported being hit by a “significant cyber incident” that began on 3 May and disrupted access to the airline’s website, mobile app and “several internal systems”.
The airline has however assured the public that it has subsequently recovered the affected systems.
“SAA immediately activated its robust disaster management and business continuity protocols upon detection of the incident,” it said in a statement.
“These swift actions successfully contained the incident and minimised disruption to core flight operations. They also ensured the continued functionality of essential customer service channels, such as the airline’s contact centres and sales offices.”
SAA said it relied on its call centre to manage customer engagements such as bookings during the outage and confirmed that normal functionality across all channels has been restored.
Details on the attack were not disclosed, and so it’s not known if the incident was ransomware related. Ransomware has become a plague in South Africa, with a large number of public and private sector organisations being impacted in the last year.
SAA said it has initiated a forensic investigation into the incident. Since SAA is a national key point, statutory reports to the State Security Agency, the police and the Information Regulator have also been submitted, it said.
The full extent of the impact of the attack on the personal information of SAA clients and employees is yet to be determined, but the airline said any affected parties will be contacted with details directly.
“The security and integrity of our business systems and the protection of the consumer data entrusted to us remain our highest priority. We are taking every necessary step to determine the root cause of this incident, strengthen our security framework and mitigate any potential risks,” said SAA group CEO John Lamola.
