Last week, South African Airways shared that they got hit by a big cyber incident starting on Saturday, May 3, 2025. This breach temporarily messed with their website, mobile app, and some internal systems. But they said they acted fast to fix the problem and reduce the impact.

As soon as the incident was noticed, they jumped into action with their disaster management and business continuity plans. Thanks to their quick response, they kept the situation under control and made sure there was minimal disruption to their main flight operations. They also kept essential customer service channels, like their contact centres and sales offices, up and running. By the end of the day, everything was back to normal across all the affected systems.

Recognising the potential implications of such an event, SAA management claims they swiftly initiated an investigation conducted by credible, independent digital forensic investigators to determine the root cause and full scope of the incident and explore the possibility that the disruption resulted from external cybercrime activities.

In line with its commitment to regulatory compliance and transparency, SAA has undertaken all reasonable and lawful steps as a National Key Point, including formally reporting the incident to the State Security Agency (SSA), South African Police Service (SAPS) for criminal investigation and notifying the Information Regulator of South Africa as a precautionary measure under the Protection of Personal Information Act (POPIA).

SAA are looking into how this incident might have affected data and is actively checking to see if any data was accessed or taken. If they find out there was a data breach, SAA will make sure to directly inform anyone impacted, following the rules.

Prof. John Lamola, Group CEO of South African Airways, provided the following assurance: "The security and integrity of our business systems and the protection of the consumer data entrusted to us remain our highest priority. In response to the cyber incident that began on May 3rd, we acted swiftly to contain the disruption, restore services, and initiate a comprehensive investigation. Our robust business continuity measures ensured operational stability, particularly for our valued customers. I want to assure all stakeholders, including our partners, customers, and dedicated employees, that we are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks. SAA remains committed to delivering safe, reliable, and resilient service."

SAA ensures the flying public that it will continue to work closely with law enforcement and investigators, reaffirming its unwavering dedication to operational excellence and the integrity of its systems.