South African Airways (flysaa.com) experienced a ransomware attack attributed to the threat actor Incransom, impacting operations in South Africa. The incident underscores the ongoing cybersecurity challenges faced by critical infrastructure providers in the region.
Incident Details
- Victim: south african airways (flysaa.com)
- Country: ZA
- Actor: incransom
- Source: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/6821f584ba68908013acad75
- Discovered: 2025-05-16 12:17:43.526754
- Published: 2025-05-16 12:00:00.000000
Information
- South African Airways (SAA) is a passenger and freight airline owned and operated by the South African government.
- It is a member of the Star Alliance network.
- The airline is headquartered in Johannesburg, South Africa.
Disclaimer: This post is based on public claims made by the ransomware group "incransom". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.