South African Airways (SAA) has recently experienced a significant cyber incident that began on Saturday, 3 May 2025. This breach temporarily disrupted access to the airline’s website, mobile application, and several internal systems. In response, SAA activated its disaster management and business continuity protocols to minimise disruption and ensure continued customer service via contact centre’s and sales offices.
SAA’s management swiftly initiated a comprehensive investigation conducted by independent digital forensic investigators to determine the root cause and full scope of the incident. The airline is also exploring the possibility that the disruption resulted from external cybercrime activities.
In line with regulatory compliance and transparency, SAA has reported the incident to the State Security Agency (SSA), South African Police Service (SAPS) for criminal investigation, and notified the Information Regulator of South Africa under the Protection of Personal Information Act (POPIA).
SAA has assured stakeholders, including partners, customers, and employees, that they are taking every necessary step to determine the root cause of the incident, strengthen their security framework, and mitigate any potential risks. The airline continues to work closely with law enforcement and investigators to maintain operational stability and protect consumer data.