Ransomware cyber

South African Airways

May 18, 2025 1 min read
South African Airways

South African Airways (SAA) was hit by a ransomware attack on May 3, 2025, which temporarily disrupted access to the airline's website, mobile application, and several internal operational systems. The attack was claimed by the ransomware gang INC, who threatened to leak more data if ransom demands aren’t met. An expert digital forensic investigation is underway to determine the full scope and root cause. While there is no evidence of compromised customer data or financial management systems, the State Security Agency is involved due to SAA’s infrastructure being classified as a National Key Point. SAA is committed to strengthening cybersecurity defenses to mitigate future incidents.

Source: https://www.comparitech.com/news/ransomware-gang-inc-claims-recent-attack-on-south-african-airways/

TPRM report: https://scoringcyber.rankiteo.com/company/south-african-airways-corporate

"id": "sou326051825",
"linkid": "south-african-airways-corporate",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Aviation',
                        'location': 'South Africa',
                        'name': 'South African Airways (SAA)',
                        'type': 'Airline'}],
 'date_detected': '2025-05-03',
 'description': 'South African Airways (SAA) was hit by a ransomware attack on '
                'May 3, 2025, which temporarily disrupted access to the '
                "airline's website, mobile application, and several internal "
                'operational systems. The attack was claimed by the ransomware '
                'gang INC, who threatened to leak more data if ransom demands '
                'aren’t met. An expert digital forensic investigation is '
                'underway to determine the full scope and root cause. While '
                'there is no evidence of compromised customer data or '
                'financial management systems, the State Security Agency is '
                'involved due to SAA’s infrastructure being classified as a '
                'National Key Point. SAA is committed to strengthening '
                'cybersecurity defenses to mitigate future incidents.',
 'impact': {'operational_impact': 'Temporary disruption',
            'systems_affected': ['website',
                                 'mobile application',
                                 'internal operational systems']},
 'investigation_status': 'Underway',
 'motivation': 'Ransom',
 'response': {'law_enforcement_notified': 'State Security Agency',
              'third_party_assistance': 'Expert digital forensic '
                                        'investigation'},
 'threat_actor': 'INC',
 'title': 'South African Airways Ransomware Attack',
 'type': 'Ransomware Attack'}
Published by
Jeremy C
Jeremy C
You might also like
Ransomware cyber

EUMETSAT

public 1 min read
EUMETSAT, a European meteorological organization, was victimized by Fog ransomware. The attack was atypical, utilizing legitimate and open-source tools like…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.