South Africa's state-owned logistics firm Transnet says its main port terminals have been hit by a major cyber attack, prompting it to turn to a rarely-invoked clause releasing it from liability.

In a letter to its customers, dated Monday, the company said it was declaring force majeure – a clause that prevents a party from fulfilling a contract because of external and unforeseen circumstances.

It said it had "experienced an act of cyber-attack, security intrusion and sabotage, which resulted in the disruption of... normal processes and functions."

The attack has affected ports in Durban – the busiest in sub-Saharan Africa – as well as Cape Town, Port Elizabeth and Ngqura, Transnet said in the "confidential" notice seen by AFP on Tuesday.

The attack began on July 22 but continued, forcing the firm to switch to manual systems.

"Operations at the container terminals are still running albeit slower than expected," it said. – AFP