- Several state websites went offline on Monday in a coordinated cyberattack that left key platforms defaced
- Hackers posted political and ideological messages while disrupting online services tied to major ministries and public systems
- The government has confirmed the group behind the breach and detailed the rapid response efforts now underway
TUKO.co.ke journalist Harry Ivan Mboto has over three years of experience reporting on politics and current affairs in Kenya
Several key government websites went offline after a coordinated cyberattack that targeted major state platforms across different ministries.
Source: Twitter
Users attempting to access the sites on Monday, November 17, found pages defaced with political slogans and altered visuals.
Which government sites were hacked?
A review by TUKO.co.ke showed that the affected platforms included President William Ruto’s official portal, as well as websites belonging to the Health, Education, Labour, Environment, ICT, Tourism, State House and Interior ministries.
Systems tied to the Hustler Fund, the Government Press, the Immigration State Department and Nairobi County also suffered disruption, leaving many Kenyans unable to access routine services.
The attackers posted messages such as “Access denied by PCP”, “We will rise again”, “power worldwide” and “14:88 Heil Hitler”. Another line read, “ABSA is working with us; so are your local politicians.”
Which group hacked Kenyan government sites?
The State Department for Internal Security and National Administration released an official circular signed by Principal Secretary Raymond Omollo, naming the group behind the incident and updating the public on ongoing recovery efforts.
“The attack is suspected to have been carried out by a group identified as PCP@Kenya,” the notice read in part.
According to the PS, the intrusion rendered various government websites inaccessible.
He said the state activated a multi-agency response to limit the damage and restore service.
“The situation has been stabilised, and all affected services are now under close monitoring,” Omollo said.
The circular advised Kenyans to remain alert and report any suspicious online activity to KE CIRT, NC4 and the Directorate of Criminal Investigation (DCI).
The PS also highlighted the legal implications facing the attackers. The breach violates the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act and the Data Protection Act.
Those linked to the attack will face prosecution once identified.
Omollo added that safeguarding digital infrastructure remains a priority as more public services move online.
“We are strengthening our resilience through cooperation with the private sector and other partners. Cybersecurity is a core part of our digital transformation plan,” he said.
Investigations are ongoing, with security agencies monitoring any further activity linked to the group.
Source: Facebook
Who compromised eCitizen in 2023?
In July 2023, the eCitizen platform went offline after a major cybersecurity incident that disrupted access to more than 5,000 government services.
Officials said the attempted intrusion overwhelmed the system with heavy traffic, making it unreachable for many users.
The Ministry of Interior later confirmed that services had been restored, saying the outage resulted from a coordinated flood of requests sent from multiple sources.
Anonymous Sudan claimed responsibility and warned of more disruptions. The group also targeted other institutions, including banks and state agencies, across the same period.
Proofreading by Jackson Otukho, copy editor at TUKO.co.ke.
Source: TUKO.co.ke
