South African Airways is assessing the potential data impact of a cyber incident which affected several of the carrier’s IT systems.
It says the “significant” cyber breach, which began on 3 May, disrupted the airline’s website, its mobile app, and “several” internal operational system.
“The preliminary investigation is currently assessing the full extent of the incident and actively working to determine if any data was accessed or exfiltrated,” the carrier adds.
If a data breach is confirmed, SAA says it will notify affected parties directly. The company is still working to determine whether the incident related to criminal activity.
“Security and integrity of our business systems, and the protection of the consumer data entrusted to us, remain our highest priority,” says SAA group chief John Lamola.
He says the company “acted swiftly” to contain the disruption and normal functions were restored the same day.
“Our robust business continuity measures ensured operational stability, particularly for our valued customers.
“We are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks.”
SAA is co-operating with forensic investigators, law-enforcement personnel, and information regulators over the probe.
