[Image: Lucian Fratila / Flickr]
South African Airways (SAA) has launched an investigation after a “significant” cyber attack temporarily disrupted the airline’s website and internal operational systems.
The attack is said to have begun on Saturday, 3 May, with the airline stating it immediately activated its “robust” disaster management and business continuity protocols.
“These swift actions successfully contained the incident and minimised disruption to core flight operations,” says SAA spokesperson Vimla Maistry in a statement. “They also ensured the continued functionality of essential customer service channels, such as the airline’s contact centres and sales offices.”
Normal system functionality across all affected platforms was restored later the same day.
SAA has now tasked independent digital forensic investigators to probe the attack, hoping to determine the root cause and full scope of the incident and look into the possibility that the disruption resulted from external cybercrime activities.
The investigation will assess the full extent of the incident and actively work to determine if any data was accessed or exfiltrated.
Moneyweb reports that SAA has reported the incident to the State Security Agency and South African Police Service for criminal investigation and notified the Information Regulator of South Africa as a precautionary measure under the Protection of Personal Information Act.
“The security and integrity of our business systems and the protection of the consumer data entrusted to us remain our highest priority,” says Professor John Lamola, group CEO of SAA.
“I want to assure all stakeholders, including our partners, customers, and dedicated employees, that we are taking every necessary step to determine the root cause of this incident, strengthen our security framework, and mitigate any potential risks.”
[Source: Moneyweb]
