Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
FlySafair

FlySafair Vendor Cyber Rating & Cyber Score

flysafair.co.za

FlySafair is South Africa's true low cost airline. We took to the skies in October 2014 and have expanded fast, linking several key destinations in South Africa. Our intention is to keep our fares lower for longer and in so doing offer South Africans an affordable and easy air travel alternative. FlySafair is a very dynamic company that prides itself on being forward thinking and innovative. Safair is the holding company which owns FlySafair. With over 52 years experience in the aviation industry this South African stalwart brings both high level expertise and good solid values to the table. Our primary base is in Johannesburg at OR Tambo International Airport with secondary bases at Lanseria, Cape Town and Durban. FlySafair has been


FlySafair A.I CyberSecurity Scoring

FlySafair
Company Information
Website:http://www.flysafair.co.za
Employees number:1,362
Number of followers:226,711
NAICS:3364
Industry Type:Aviation and Aerospace Component Manufacturing
Homepage:flysafair.co.za
FlySafair Risk Score (AI oriented)
Between 700 and 749
logo
FlySafairAviation and Aerospace Component Manufacturing
Updated:
15/05/2026
705/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
FlySafair Global Score (TPRM)
xxxx
logo
FlySafairAviation and Aerospace Component Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

FlySafair
FlySafairModerate
Current Score
705Ba (MODERATE)
01000
1 incidents
-54 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
707Before Incident
JUNE 2026
707Before Incident
MAY 2026
759Before Incident
Breach
01 May 2026FlySafair
FlySafair: FlySafair data breach highlights reporting duties in South Africa

FlySafair Data Exposure Incident

705After Incident
MEDIUM-54
FLY1778862815
FlySafair Data Exposure Highlights POPIA Compliance Risks in Technical Oversights Earlier this month, South African airline FlySafair disclosed a data exposure incident during its annual birthday ticket sale, where customer names and email addresses were temporarily made public due to a technical vulnerability in a chat feature integrated into the sales process. The airline described the breach as "limited in nature" and confirmed it had been reported to regulators, as required under South Africa’s Protection of Personal Information Act (POPIA). The incident underscores that POPIA’s reporting obligations apply regardless of whether a breach stems from a cyberattack or a technical error. Under Section 19 of POPIA, organizations must implement "reasonable technical and organizational measures" to prevent unauthorized access to personal data, including safeguards against design flaws, misconfigurations, or human error. The law does not differentiate between malicious breaches and accidental exposures any unauthorized access triggers a reporting requirement, even if no misuse of data occurs. POPIA mandates notification to the Information Regulator and affected individuals when there are reasonable grounds to believe personal data has been accessed by unauthorized parties. In this case, the public display of customer information constituted unauthorized access, as data subjects did not consent to its exposure. The breach serves as a reminder that POPIA compliance extends beyond cybersecurity defenses. Organizations must embed data protection into system design, operational processes, and regular policy reviews to address evolving risks whether from malicious actors or inadvertent technical failures. Failure to do so carries regulatory consequences, regardless of intent.
INCIDENT DETAILS -
TYPE
Data Exposure
IMPACT
Data Compromised: Customer names and email addressesSystems Affected: Chat feature in sales process
DATA BREACH
Type Of Data Compromised: Personally Identifiable Information (PII)Sensitivity Of Data: Low to moderate (names and email addresses)Personally Identifiable Information: Names, email addresses
APRIL 2026
759Before Incident
MARCH 2026
759Before Incident
FEBRUARY 2026
759Before Incident
JANUARY 2026
759Before Incident
DECEMBER 2025
759Before Incident
NOVEMBER 2025
759Before Incident
OCTOBER 2025
759Before Incident
SEPTEMBER 2025
759Before Incident
AUGUST 2025
759Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for FlySafair ?
?
What was FlySafair's A.I Rankiteo Cyber Score in June 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in May 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in April 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in March 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in February 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in January 2026 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in December 2025 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in November 2025 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in October 2025 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in September 2025 ?
?
What was FlySafair's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on FlySafair's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with FlySafair ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view FlySafair's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?
FlySafair Cyber Scoring History | Rankiteo